Adobe Shockwave Player 11.5.1.601 - ActiveX Buffer Overflow (PoC)

EDB-ID:

9682


Platform:

Windows

Published:

2009-09-15

#####################################################################################

Application:  Adobe ShockWave Player (11.5.1.601)
            
Platforms:    Windows XP Professional French SP2 and SP3

crash:	      IE 6.0.2900.2180
	
Exploitation: remote DoS

Date:         2009-08-24

Author:       Francis Provencher (Protek Research Lab's)
             

#####################################################################################

1) Introduction
2) Technical details and bug
3) The Code

#####################################################################################

===============
1) Introduction
===============

Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player.
These people now have access to some of the best the Web has to offer - including dazzling 3D games and entertainment,
interactive product demonstrations, and online learning applications. Shockwave Player displays Web content that has been created by Adobe Director.

#####################################################################################

============================
2) Technical details 
============================

Name:	SwDir.dll
Ver.:	11.5.1.601
CLSID:	{233C1507-6A77-46A4-9443-F871F945D258}


(d40.b20): Stack overflow - code c00000fd 
eax=00305004 ebx=00000003 ecx=00032f80 edx=00400000 esi=09ae0024 edi=00400002
eip=69214965 esp=0012df78 ebp=0012df8c iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00010202



#####################################################################################

# milw0rm.com [2009-09-15]