Adobe Shockwave Player <= 11.5.7.609 (APSB10-20) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.7.609 or earlier. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow arbitrary code execution. CVE-2010-2863, CVE-2010-2864, CVE-2010-2866, CVE-2010-2869,...

VulnCheck KEV: CVE-2009-3129

Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset...

Memory corruption

The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...

CVE-2010-4189

The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...

VulnCheck KEV: CVE-2010-3653

The Director module dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited...

Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)

$Id: ms09067excelfeatheader.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-2867

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...

Null pointer dereference

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...

Shockwave Player < 11.5.8.612

The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.8.612. Such versions are potentially affected by the following issues : - Multiple memory corruption issues exist that could lead to arbitrary code execution. CVE-2010-2863, CVE-2010-2864,...

MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability

This module exploits a vulnerability in the handling of the FEATHEADER record by Microsoft Excel. Revisions of Office XP and later prior to the release of the MS09-067 bulletin are vulnerable. When processing a FEATHEADER Shared Feature record, Microsoft used a data structure from the file to...

Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature...