Adobe plugs up buffer overflow holes in Shockwave update
Adobe released a patch for its Shockwave Player software on Tuesday, addressing six security vulnerabilities that might easily lend themselves to malware-pushing exploits. Shockwave Player 11.6.7.637 and earlier versions on both Windows and Mac need updating to the latest version: Shockwave Player 11.6.8.638. Adobe said it was …
This topic is closed for new posts.
Good Grief
Buffer overflow vulnerabilities and array out of bounds problems? Are they still a thing?
Are we all still coding in C, not checking our array indices and not checking our malloc() returns?
Surely with modern object oriented languages that support strong static typing, hide pointers and have automatic garbage collection (e.g. C#, Java), you would have to be a fairly naive coder to create code with those problems.
Re: Good Grief
I can only assume from the naivety of your post that Shockwave is older than you are, in which case it should be immediately apparent that its code probably is written in C.
@Ken Hagan
You may be right. A little sleuthing turned up this gem:
http://www.rohitab.com/discuss/topic/34679-shockwaves-guide-to-writing-secure-code-in-c/
Oh, the irony.
garbage collection
is a bit like your gran cleaning your room, her bad back stops her cleaning under the bed and on top of the cupboards.
What! Another bludy update!
Oh sorry, yes it's Wednesday already isn't it ... OK, I'll start applying today's patches - I should be done by beer thirty.
I wonder what tomorrow will bring?
Shockwave - all 2 users will be pissed
Shockwave is the plug-in for certain forms of games, and wasn't as widely adopted as Flash.
Re: Shockwave - all 2 users will be pissed
Write out 100 times: "There's a lot of educational software written in Shockwave."
Re: Shockwave - all 2 users will be pissed
"There's a lot of educational software written in Shockwave."
but norm its in an shockwave software cd's warped .exe so
Problem is no one ever updates it
This topic is closed for new posts.
