This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to cause memory corruption in Adobe Shockwave Player by opening a specially crafted .DIR File.
Adobe Shockwave Player is a multimedia player application.
Adobe Shockwave Player is prone to a remote memory-corruption vulnerability because it fails to properly parse 'rcsL' chunks of the Director's RIFF-based file format. An attacker can exploit this issue by manipulating the return value of the 'EAX' register to control the pointer used in calculating an offset into a heap-based buffer.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed attacks may cause a denial-of-service condition.
Adobe Shockwave Player 220.127.116.112 is vulnerable; other versions may also be affected.
- Updates are available; please see the references for more information.