Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011

This host is installed with Adobe Shockwave Player and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeshockwaveplayermultcodeexecvulnfeb11.nasl 5424 2017-02-25 16:52:36Z teissa $ Adobe Shockwave Player Multiple Remote Code Execution...

Security update available for Shockwave Player

Security update available for Shockwave Player Release date: February 8, 2011 Vulnerability identifier: APSB11-01 CVE number: CVE-2010-2587, CVE-2010-2588, CVE-2010-2589, CVE-2010-4092, CVE-2010-4093, CVE-2010-4187, CVE-2010-4188, CVE-2010-4189, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192,...

Buffer overflow

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different...

CVE-2011-0556

Adobe Shockwave Player (Windows/macOS) is affected by CVE-2011-0556 via the Font Xtra.x32 module. The vulnerability stems from parsing the PFR1 chunk where a 16-bit size value is sign-extended, enabling memory corruption and arbitrary code execution or a crash. Affected versions are before 11.5.9...

Shockwave Player < 11.5.9.620 (APSB11-01)

The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.9.620. Such versions are potentially affected by the following issues : - Several unspecified errors exist in the 'dirapi.dll' module that may allow arbitrary code execution. CVE-2010-2587,...