Attack: Adobe Shockwave rcsL Memory Corruption CVE-2010-3653

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to cause memory corruption in Adobe Shockwave Player by opening a specially crafted .DIR file.

Additional Information

Adobe Shockwave Player is a multimedia player application.

Adobe Shockwave Player is prone to a remote memory-corruption vulnerability because it fails to properly parse 'rcsL' chunks in Director's RIFF-based file format. An attacker can exploit this issue by manipulating the return value held in the 'EAX' register to control the pointer used in calculating an offset into a heap-based buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed attacks may cause a denial-of-service condition.

Adobe Shockwave Player 11.5.8.612 is vulnerable; other versions may also be affected.

Affected

  • Updates are available; please see the references for more information.