20 matches found
Adobe Shockwave player vulnerable to downgrading
Overview Adobe Shockwave Player may automatically install a legacy version of the runtime, which can increase the attack surface of systems that have Shockwave installed. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe...
Adobe Shockwave player provides vulnerable Flash runtime
Overview Adobe Shockwave Player 12.1.1.151 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe Director...
ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability
ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-204 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Playe...
Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave Director tSAC Chunk Invalid Seek Memory Corruption (CVE-2010-2875)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A remote code execution vulnerability has been identified in Adobe Shockwave Player. The vulnerability is d...
TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability
TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-05 February 8, 2011 -- CVE ID: CVE-2011-0569 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...
CVE-2010-4187
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a malformed chunk in a Director file, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306...
Adobe Shockwave Player Director File SetVertexArray Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within code...
Adobe Shockwave Player MMAP Entry Size Memory Corruption (APSB10-25; CVE-2010-4084; CVE-2010-4086)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...
Adobe Shockwave Player CSWV Record Length Memory Corruption (APSB10-25; CVE-2010-4087)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...
Adobe Shockwave Player DIRAPI.dll Denial of Service (APSB10-20; CVE-2010-2865)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A denial of service vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...
Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...
Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave Player MMAP Size Memory Corruption (APSB10-20; CVE-2010-2870)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...
Adobe Shockwave Player MCsL Parsing Memory Corruption (APSB10-20; CVE-2010-2881)
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...
CVE-2010-1283
Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir aka Director files, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a modified field in a 0xFFFFFF49 record...
Adobe Shockwave Player 0xFFFFFF49 Record Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the code responsible for parsing 3D objec...