19 matches found
Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)
The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.615 or earlier. It is, therefore, affected by multiple vulnerabilities : - Several unspecified errors exist in the 'dirapi.dll' module that allow arbitrary code execution. CVE-2010-2587, CVE-2010-2588,...
Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within AudioMixer.x32...
CVE-2010-4192
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555,...
CVE-2010-4189
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...
Memory corruption
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...
Heap overflow
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to ...
Integer overflow
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption...
CVE-2010-4189
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...
CVE-2010-4188
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to ...
Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2010-2875
Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie...
CVE-2010-2867
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...
Integer overflow
Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie...
Memory corruption
Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF chunk in a Director movie, which allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted movie...
Integer overflow
Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie...
Null pointer dereference
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...
CVE-2010-2866
Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie...