The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.