Lucene search

[email protected]CVE-2010-2866

HistoryAug 26, 2010 - 9:00 p.m.

CVE-2010-2866

2010-08-2621:00:01

CWE-189

[email protected]

web.nvd.nist.gov

cve-2010-2866

adobe shockwave player

integer signedness error

memory corruption

arbitrary code execution

nvd

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.85 High

EPSS

Percentile

98.6%

JSON

Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a count value associated with an “undocumented structure” and the tSAC chunk in a Director movie.

Affected configurations

NVD

Node

adobeshockwave_playerRange≤11.5.7.609

adobeshockwave_playerMatch1.0

adobeshockwave_playerMatch2.0

adobeshockwave_playerMatch3.0

adobeshockwave_playerMatch4.0

adobeshockwave_playerMatch5.0

adobeshockwave_playerMatch6.0

adobeshockwave_playerMatch8.0

adobeshockwave_playerMatch8.0.196

adobeshockwave_playerMatch8.0.196a

adobeshockwave_playerMatch8.0.204

adobeshockwave_playerMatch8.0.205

adobeshockwave_playerMatch8.5.1

adobeshockwave_playerMatch8.5.1.100

adobeshockwave_playerMatch8.5.1.103

adobeshockwave_playerMatch8.5.1.105

adobeshockwave_playerMatch8.5.1.106

adobeshockwave_playerMatch8.5.321

adobeshockwave_playerMatch8.5.323

adobeshockwave_playerMatch8.5.324

adobeshockwave_playerMatch8.5.325

adobeshockwave_playerMatch9

adobeshockwave_playerMatch9.0.383

adobeshockwave_playerMatch9.0.432

adobeshockwave_playerMatch10.0.0.210

adobeshockwave_playerMatch10.0.1.004

adobeshockwave_playerMatch10.1.0.11

adobeshockwave_playerMatch10.1.0.011

adobeshockwave_playerMatch10.1.1.016

adobeshockwave_playerMatch10.1.4.020

adobeshockwave_playerMatch10.2.0.021

adobeshockwave_playerMatch10.2.0.022

adobeshockwave_playerMatch10.2.0.023

adobeshockwave_playerMatch11.0.0.456

adobeshockwave_playerMatch11.0.3.471

adobeshockwave_playerMatch11.5.0.595

adobeshockwave_playerMatch11.5.0.596

adobeshockwave_playerMatch11.5.1.601

adobeshockwave_playerMatch11.5.2.602

adobeshockwave_playerMatch11.5.6.606

CPENameOperatorVersion
adobe:shockwave_playeradobe shockwave playerle11.5.7.609
adobe:shockwave_playeradobe shockwave playereq1.0
adobe:shockwave_playeradobe shockwave playereq2.0
adobe:shockwave_playeradobe shockwave playereq3.0
adobe:shockwave_playeradobe shockwave playereq4.0
adobe:shockwave_playeradobe shockwave playereq5.0
adobe:shockwave_playeradobe shockwave playereq6.0
adobe:shockwave_playeradobe shockwave playereq8.0
adobe:shockwave_playeradobe shockwave playereq8.0.196
adobe:shockwave_playeradobe shockwave playereq8.0.196a

CPE	Name	Operator	Version
adobe:shockwave_player	adobe shockwave player	le	11.5.7.609
adobe:shockwave_player	adobe shockwave player	eq	1.0
adobe:shockwave_player	adobe shockwave player	eq	2.0
adobe:shockwave_player	adobe shockwave player	eq	3.0
adobe:shockwave_player	adobe shockwave player	eq	4.0
adobe:shockwave_player	adobe shockwave player	eq	5.0
adobe:shockwave_player	adobe shockwave player	eq	6.0
adobe:shockwave_player	adobe shockwave player	eq	8.0
adobe:shockwave_player	adobe shockwave player	eq	8.0.196
adobe:shockwave_player	adobe shockwave player	eq	8.0.196a