Adobe has issued a security update for its Shockwave Player after discovering a "critical" vulnerability.

The bug, CVE-2014-0505, affects Shockwave Player 12.0.9.149 and earlier versions that run on the Windows and Mac operating systems, according to a recent security bulletin. The update addresses a memory corruption flaw which, if leveraged, could lead to remote code execution.

The vulnerability, discovered by Honggang Ren of Fortinet's FortiGuard Labs, was given a priority rating of 2, which indicates that there are “currently no known exploits.” Adobe urges users to update to the 12.1.0.150 version via the instructions provided in its security bulletin.

On Tuesday Adobe issued security fixes for two non-critical vulnerabilities affecting its Flash Player.