Adobe has addressed six security issues in its Shockwave Player by releasing an update to the service.
Five of the faults are defined as buffer flow vulnerabilities and one as an "array out of bounds vulnerability," all of which affect Shockwave Player 22.214.171.1247 and earlier versions on Windows and Macintosh platforms.
According to Adobe, Shockwave Player 126.96.36.1998, which was made available yesterday, fixes "vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system."
The security weaknesses have been categorised as "critical" and ascribed a priority rating of two.
According to Adobe's definition of priority two, "There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent."
Shockwave Player is claimed to be installed on 450 million desktops worldwide.
Adobe credited CERT's Will Dormann and Honggang Ren of Fortinet's FortiGuard Labs for the discovery of the faults.