Adobe Shockwave Director tSAC - Chunk Memory Corruption

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Adobe Shockwave Director tSAC Chunk memory corruption Version : dirapi.dll 11.5.7 Analysis : http://www.abysssec.com Vendor...

Adobe Shockwave Director tSAC Chunk String Termination Memory Corruption (CVE-2011-2118)

A memory corruption vulnerability has been reported in Adobe Shockwave Player. The vulnerability is due to an error in the way that Adobe Shockwave Player processes tSAC chunks in specially crafted Director files. Remote attackers can exploit this vulnerability by enticing a target user to open a...

CVE-2011-2115

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116...

Heap overflow

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116...

Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Shockwave Director tSAC Chunk Invalid Seek Memory Corruption (CVE-2010-2875)

Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A remote code execution vulnerability has been identified in Adobe Shockwave Player. The vulnerability is d...

Adobe Shockwave Director tSAC Chunk Memory Corruption

Exploit for windows platform in category dos / poc ===================================================== Adobe Shockwave Director tSAC Chunk Memory Corruption ===================================================== Title : Adobe Shockwave Director tSAC Chunk memory corruption Version : dirapi.dll...

Month Of Abysssec Undisclosed Bugs - Adobe Shockwave Director

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | """ htmlTest = open'poc.html', 'wb' htmlTest.writetemp htmlTest.close sampleFile = open'sample.dir','rb' pocFile = open"poc.DIR",'wb' pocFile.writesampleFile.read-1 sampleFile.close pocFile.seek13168...

Adobe Shockwave Director tSAC - Chunk Memory Corruption

Adobe Shockwave Director tSAC - Chunk Memory Corruption ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | """ htmlTest = open'poc.html', 'wb' htmlTest.writetemp htmlTest.close sampleFile = open'sample.dir','rb' pocFile = open"poc.DIR",'wb'...

Adobe Shockwave Director tSAC - Chunk Memory Corruption

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | """ htmlTest = open'poc.html', 'wb' htmlTest.writetemp htmlTest.close sampleFile = open'sample.dir','rb' pocFile = open"poc.DIR",'wb' pocFile.writesampleFile.read-1 sampleFile.close pocFile.seek13168...

Integer overflow

Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie...

ZDI-10-163: Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability

ZDI-10-163: Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-163 August 24, 2010 -- CVE ID: CVE-2010-2874 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Play...

Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Multiple bugs in ActiveX components

Local files access in applet com.ms.xml.dso.XMLDSO.class and XMLHTTPConnection ActiveX, buffer overflow in xweb.ocx ActiveX Microsoft DirectX Files Viewer, TSAC and File Transfer Manager FTM ActiveX...

CVE-2002-0726

CVE-2002-0726 corresponds to a buffer overflow in the Microsoft Terminal Services Advanced Client (TSAC) ActiveX control. The vulnerability allows remote attackers to execute arbitrary code by sending a long server-name value, enabling code execution with the victim’s privileges. The issue is lin...

[SNS Advisory No.56] TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability

---------------------------------------------------------------------- SNS Advisory No.56 TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability Problem first discovered: Wed, 17 Apr 2002 Published: Fri, 11 Oct 2002 Reference: http://www.lac.co.jp/security/english/snsadve/56e.htm...

Security Bulletin MS02-046: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)

---------------------------------------------------------------------- Title: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution Q327521 Date: 22 August 2002 Software: Microsoft Terminal Services Advanced Client TSAC ActiveX control, which can be installed on any Windows system...