CVE-2010-2871

Name of the Vulnerable Software and Affected Versions Adobe Shockwave Player versions prior to 11.5.8.612

Description The issue is related to an integer overflow in the 3D object functionality, allowing remote attackers to cause a denial of service or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie.

Recommendations For versions prior to 11.5.8.612, update to version 11.5.8.612 or later to resolve the issue. As a temporary workaround, consider restricting the use of 3D object functionality in Director movies until a patch is applied. Avoid using crafted size values in 0xFFFFFF45 RIFF records to minimize the risk of exploitation.