According to PCWorld.com, Adobe is fixing five vulnerabilities in its Shockwave Player.
Classified as "critical," the update affects version 184.108.40.2061 and earlier versions. Four of the bugs could allow remote code execution, while the fifth one could lead to a denial-of-service condition.
As The H Security notes, the flaws were discovered by French company VUPEN Security, which found that for an attack to be successful, a victim must first visit a specially crafted site.
You can download version 220.127.116.112 here.