A new buffer overflow vulnerability has been reported in Shockwave player installer for versions 10.1.0.11 and prior, however, the vulnerability occurs only during the installation process and no action needs to be taken by current users. Shockwave player should only be installed from the Macromedia site where the latest installer does not have this problem.
The vulnerability is considered to be critical in that successful exploitation will compromise the user's computer. Full details may be found here (http://www.macromedia.com/devnet/security/security_zone/apsb06-02.html).