Adobe Shockwave Player <= 11.5.9.620 (APSB11-17) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.620 or earlier. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption vulnerabilities affect the 'Dirapi.dll' component that can result in arbitrary code execution. CVE-2011-0317,...

Adobe Shockwave Director File KEY Chunk Parsing Buffer Overflow (APSB11-17; CVE-2011-2111)

A buffer overflow vulnerability has been reported in Adobe Shockwave Player. The vulnerability is due to a mishandling of the Chunk Size field value. Remote attackers can exploit this vulnerability by persuading a target user to open a specially crafted DIR or DCR file with a vulnerable product...

TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability

TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-08 June 15, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Play...

TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability

TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-07 June 15, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player -...

ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability

ZDI-11-212: Adobe Shockwave KEY Chunk Invalid Size Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-212 June 14, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability

ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-206 June 14, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

CVE-2011-2111

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116...

Memory corruption

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115...

CVE-2011-2111

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116...

CVE-2011-2116

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115...

CVE-2011-2111

Adobe Shockwave Player (Windows/macOS) is affected by CVE-2011-2111 due to a memory-corruption vulnerability in IML32.dll triggered by malformed DEMX chunk GIF parsing. Exploitation can lead to arbitrary code execution or crash; vendor patch APSB11-17 addressed this in 11.6.0.626+. Connected advi...

CVE-2011-2116

CVE-2011-2116 affects Adobe Shockwave Player; the vulnerability arises from parsing the Lnam chunk in Shockwave’s RIFF-based Director files, causing memory corruption in IML32.dll and enabling remote code execution. Affected product: Adobe Shockwave Player (IML32.dll). Impact: remote arbitrary co...