====================================================================

                                 CERT-Renater

                     Note d'Information No. 2015/VULN185
_____________________________________________________________________

DATE                : 10/09/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Adobe Shockwave Player versions
                                        prior to 12.2.0.162.

======================================================================
https://helpx.adobe.com/security/products/shockwave/apsb15-22.html
_____________________________________________________________________


Adobe Security Bulletin

Security update available for Adobe Shockwave Player

Release date: September 8, 2015
Vulnerability identifier: APSB15-22
Priority: See table below
CVE number: CVE-2015-6680, CVE-2015-6681
Platform: Windows


Summary

Adobe has released a security update for Adobe Shockwave Player. This
update addresses critical vulnerabilities that could potentially allow
6.2.0 up to and
                 including 6.2.14, 7.0.0 up  up to and including to
7.3.1an attacker to take control of the affected system.


Affected software versions

Product 		Affected versions 	Platform

Adobe Shockwave Player 	12.1.9.160 and earlier	Windows


Solution

Adobe categorizes this update with the following priority rating and
recommends users update their installation to the newest version by
following the instructions below:

Product      Updated version   Platform   Priority rating  Availability
Adobe Shockwave  12.2.0.162	Windows	  1            Shockwave Player	
Player                                                  Download Center


Adobe recommends users of Adobe Shockwave Player 12.1.9.160 and earlier
versions update to Adobe Shockwave Player 12.2.0.162 by visiting the
Adobe Shockwave Player Download Center.


Vulnerability Details

This update resolves memory corruption vulnerabilities that could lead
to code execution (CVE-2015-6680, CVE-2015-6681).


Acknowledgments

Adobe would like to thank Tongbo Luo of Palo Alto Networks for
reporting these issues and for working with Adobe to help protect our
customers.


=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================