Lucene search

[email protected]CVE-2011-0556

HistoryFeb 10, 2011 - 4:00 p.m.

CVE-2011-0556

2011-02-1016:00:00

CWE-119

[email protected]

web.nvd.nist.gov

adobe

shockwave player

font xtra.x32

cve-2011-0556

security

vulnerability

nvd

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.5%

JSON

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.

CPENameOperatorVersion
adobe:shockwave_playeradobe shockwave playereq8.5.324
adobe:shockwave_playeradobe shockwave playereq5.0
adobe:shockwave_playeradobe shockwave playereq4.0
adobe:shockwave_playeradobe shockwave playereq8.5.1
adobe:shockwave_playeradobe shockwave playereq10.1.4.020
adobe:shockwave_playeradobe shockwave playereq11.5.1.601
adobe:shockwave_playeradobe shockwave playereq11.0.0.456
adobe:shockwave_playeradobe shockwave playereq6.0
adobe:shockwave_playeradobe shockwave playerle11.5.9.615
adobe:shockwave_playeradobe shockwave playereq8.0.204

CPE	Name	Operator	Version
adobe:shockwave_player	adobe shockwave player	eq	8.5.324
adobe:shockwave_player	adobe shockwave player	eq	5.0
adobe:shockwave_player	adobe shockwave player	eq	4.0
adobe:shockwave_player	adobe shockwave player	eq	8.5.1
adobe:shockwave_player	adobe shockwave player	eq	10.1.4.020
adobe:shockwave_player	adobe shockwave player	eq	11.5.1.601
adobe:shockwave_player	adobe shockwave player	eq	11.0.0.456
adobe:shockwave_player	adobe shockwave player	eq	6.0
adobe:shockwave_player	adobe shockwave player	le	11.5.9.615
adobe:shockwave_player	adobe shockwave player	eq	8.0.204

Rows per page:

1-10 of 421

References

dvlabs.tippingpoint.com/advisory/TPTI-11-03

www.adobe.com/support/security/bulletins/apsb11-01.html

www.securityfocus.com/archive/1/516336/100/0/threaded

www.securityfocus.com/bid/46328

www.securitytracker.com/id?1025056

www.vupen.com/english/advisories/2011/0335

exchange.xforce.ibmcloud.com/vulnerabilities/65258

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2011-0556

cve1 prion2 securityvulns4 nessus2 openvas2