Adobe Shockwave Player Multiple Remote Code Execution and Denial of Service Vulnerabilities

http://www.securityfocus.com/bid/36905

"Adobe Shockwave Player is prone to a multiple remote code-execution and
denial-of-service vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the
context of the currently logged-in user and to cause denial-of-service
conditions.

Versions prior to Shockwave Player 11.5.2.602 for Microsoft Windows and
Apple Mac OS X are vulnerable. "

It is recommended that users update to version 11.5.2.602 for Microsoft
Windows and Apple Macintosh.