Lucene search

PRIOn knowledge basePRION:CVE-2011-0556

HistoryFeb 10, 2011 - 4:00 p.m.

Memory corruption

2011-02-1016:00:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.3%

JSON

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.

CPENameOperatorVersion
shockwave_playereq8.5.324
shockwave_playereq5.0
shockwave_playereq4.0
shockwave_playereq8.5.1
shockwave_playereq10.1.4.020
shockwave_playereq11.5.1.601
shockwave_playereq11.0.0.456
shockwave_playereq6.0
shockwave_playerle11.5.9.615
shockwave_playereq8.0.204

Name	Operator	Version
shockwave_player	eq	8.5.324
shockwave_player	eq	5.0
shockwave_player	eq	4.0
shockwave_player	eq	8.5.1
shockwave_player	eq	10.1.4.020
shockwave_player	eq	11.5.1.601
shockwave_player	eq	11.0.0.456
shockwave_player	eq	6.0
shockwave_player	le	11.5.9.615
shockwave_player	eq	8.0.204

Rows per page:

1-10 of 421

References

dvlabs.tippingpoint.com/advisory/TPTI-11-03

www.adobe.com/support/security/bulletins/apsb11-01.html

www.securityfocus.com/archive/1/516336/100/0/threaded

www.securityfocus.com/bid/46328

www.securitytracker.com/id?1025056

www.vupen.com/english/advisories/2011/0335

exchange.xforce.ibmcloud.com/vulnerabilities/65258

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.3%

JSON

Related for PRION:CVE-2011-0556