Input validation

2011-02-1016:00:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.0%

JSON

The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

CPENameOperatorVersion
shockwave_playereq8.5.324
shockwave_playereq5.0
shockwave_playereq4.0
shockwave_playereq8.5.1
shockwave_playereq10.1.4.020
shockwave_playereq11.5.1.601
shockwave_playereq11.0.0.456
shockwave_playereq6.0
shockwave_playerle11.5.9.615
shockwave_playereq8.0.204

Name	Operator	Version
shockwave_player	eq	8.5.324
shockwave_player	eq	5.0
shockwave_player	eq	4.0
shockwave_player	eq	8.5.1
shockwave_player	eq	10.1.4.020
shockwave_player	eq	11.5.1.601
shockwave_player	eq	11.0.0.456
shockwave_player	eq	6.0
shockwave_player	le	11.5.9.615
shockwave_player	eq	8.0.204