174 matches found
CVE-2012-2030
Adobe Shockwave Player (pre-11.6.5.635) is vulnerable to CVE-2012-2030 due to a memory corruption error when parsing rcsL RIFF chunks in DIR/DCR files, enabling remote code execution or a DoS. The issue is triggered by crafted Shockwave content and affects multiple OS/architectures; patches/relea...
CVE-2012-0759
CVE-2012-0759 concerns Adobe Shockwave Player. Connected sources specify that the vulnerability is in Shockwave Player before version 11.6.4.634, enabling attackers to execute arbitrary code or cause a denial of service via memory corruption through unspecified vectors (a separate issue from CVE-...
CVE-2015-7649
Adobe Shockwave Player is affected by CVE-2015-7649 (memory corruption) in versions prior to 12.2.1.171. The vulnerability enables remote code execution or memory corruption due to improper input validation in Shockwave’s plugin on Windows and Mac OS X. Root cause: memory corruption. Impact: remo...
CVE-2017-3086
Adobe Shockwave Player (Windows) versions prior to 12.2.9.199 are affected by a memory corruption vulnerability (CVE-2017-3086) that could allow remote arbitrary code execution. The issue is due to memory corruption in the Shockwave plugin; exploitation is described as memory corruption with pote...
CVE-2015-5120
Adobe Shockwave Player is affected by CVE-2015-5120: memory corruption allowing arbitrary code execution or denial of service via unspecified vectors. Affected versions include prior to 12.1.9.159 (per descriptions), with related entries noting vulnerabilities up to 12.1.8.x. The vulnerability is...
CVE-2012-0771
Technical details about CVE-2012-0771 are not provided in the supplied documents. The connected entries reference related items but do not describe affected products, root cause, impact, or fixes for this CVE. Monitor for updates.
CVE-2015-6680
Adobe Shockwave Player is vulnerable to a memory corruption flaw that can allow arbitrary code execution or a denial of service. The issue affects versions prior to 12.2.0.162; upgrading to 12.2.0.162 or later is the stated remedy across multiple sources (CNVD/NVD and related advisories). The vul...
CVE-2017-2983
Summary of CVE-2017-2983 : The vulnerability affects Adobe Shockwave Player versions up to 12.2.7.197. The issue is an insecure library loading (DLL hijacking) flaw that could allow an unauthenticated attacker to trigger arbitrary code execution and potential privilege escalation by loading a mal...
CVE-2015-6681
CVE-2015-6681 affects Adobe Shockwave Player before version 12.2.0.162. The vulnerability enables memory corruption that could allow an attacker to execute arbitrary code or cause a denial of service via unspecified vectors. The OpenVAS entry for Adobe Shockwave indicates this is a Windows-relate...
CVE-2015-5121
CVE-2015-5121 affects Adobe Shockwave Player: memory corruption vulnerability that can lead to arbitrary code execution or denial of service via unspecified vectors. Affected versions are before 12.1.9.159 (per NVD); remediation is to update to 12.1.9.159 or later. Connected documents corroborate...
CVE-2019-7098
CVE-2019-7098 affects Adobe Shockwave Player 12.3.4.204 and earlier, with a memory corruption vulnerability that could lead to arbitrary code execution. Connected sources confirm impact on Shockwave Player and identify the affected version range (Windows/macOS) and the root cause as memory corrup...
CVE-2007-5275
CVE-2007-5275 is an Adobe Flash Player plug-in issue affecting Flash 9 where a Flash movie can remotely induce the victim to establish TCP sessions to arbitrary hosts due to DNS rebinding-like behavior and insufficient hostname-IP pinning after processing cross-domain policy (allow-access-from). ...
CVE-2009-1860
Adobe Shockwave Player is affected by CVE-2009-1860, a remote code execution vulnerability triggered by loading a crafted Adobe Director file. The issue affects Shockwave Player versions up to 11.5.0.596, with remediation provided by upgrading to 11.5.0.600 (Windows). The vulnerability enables co...
CVE-2019-7100
CVE-2019-7100 affects Adobe Shockwave Player and is linked to a memory corruption vulnerability in versions 12.3.4.204 and earlier that could enable arbitrary code execution. Red Hat/EUVD/NVD and OpenVAS entries corroborate the issue as a memory corruption family, with the vulnerability impacting...
CVE-2019-7101
Adobe Shockwave Player (versions 12.3.4.204 and earlier) contains a memory corruption vulnerability that could allow arbitrary code execution. The Red Hat/NVD/NESUS and CVE records confirm the issue affects Shockwave, with exploitation described as memory corruption. Remediation guidance from APS...
CVE-2010-1290
Adobe Shockwave Player is affected by CVE-2010-1290 as part of multiple memory-corruption vulnerabilities in versions
CVE-2010-3653
Adobe Shockwave Player is affected by CVE-2010-3653 through the Director module (dirapi.dll). A memory corruption/remote code execution condition is triggered by parsing a crafted rcsL chunk in a Director movie, with exploits observed in the wild around Oct 2010. Affected versions are Shockwave P...
CVE-2019-7102
Adobe Shockwave Player versions 12.3.4.204 and earlier are affected by multiple memory corruption vulnerabilities, leading to arbitrary code execution on successful exploitation. The Red Hat/EUVD/NVD/CVE-NVD entries confirm the same issue across Windows/macOS, with the root cause being memory cor...
CVE-2010-1289
Technical details for CVE-2010-1289 are not publicly provided in the supplied documents. Monitor for updates from official advisories.
CVE-2010-1280
Adobe Shockwave Player is affected by CVE-2010-1280: versions prior to 11.5.7.609 are vulnerable to remote code execution or memory corruption when processing specially crafted .dir files due to an erroneous dereference and a specific Shock.dir file. Affected product: Adobe Shockwave Player. Root...
CVE-2010-2581
CVE-2010-2581 is a memory-corruption vulnerability in Adobe Shockwave Player affecting the DIRAPI.dll module. According to the provided sources, it is triggered by parsing a crafted Director file with a malformed pamm chunk (invalid size or sub-chunk count), leading to potential arbitrary code ex...
CVE-2019-7103
CVE-2019-7103 affects Adobe Shockwave Player ≤ 12.3.4.204. The issue is a memory corruption vulnerability that could allow arbitrary code execution. Exploitation details are not provided in the documents. Adobe released APSB19-20 to address multiple memory corruption vulnerabilities in Shockwave ...
CVE-2010-0128
CVE-2010-0128 affects Adobe Shockwave Player < 11.5.7.609 and Adobe Director
CVE-2011-0555
CVE-2011-0555 affects Adobe Shockwave Player (TextXtra.x32). A crafted DEMX RIFF chunk in a Director file triggers incorrect buffer allocation during parsing, leading to remote code execution or heap memory corruption. Affected: Shockwave Player versions before 11.5.9.620. Mitigation: update to 1...
CVE-2010-1282
Adobe Shockwave Player (Windows/macOS; prior to 11.5.7.609) is vulnerable due to parsing a specially crafted Director (.dir) file; a crafted ATOM size can trigger an infinite loop and high CPU usage, causing remote denial of service. Multiple connected sources corroborate CVE-2010-1282 and relate...
CVE-2010-1284
Adobe Shockwave Player affected: all builds prior to 11.5.7.609 are vulnerable to memory corruption and possible arbitrary code execution via unspecified vectors (CVE-2010-1284). Root cause: memory corruption in Shockwave processing. Impact: potential code execution or denial of service. Remediat...
CVE-2012-0764
The CVE-2012-0764 entry concerns the Shockwave 3D Asset component in Adobe Shockwave Player prior to 11.6.4.634, where memory corruption can lead to arbitrary code execution or DoS via unspecified vectors. The incident is tied to a family of similar Shockwave vulnerabilities (e.g., CVE-2012-0757,...
CVE-2019-7104
CVE-2019-7104 affects Adobe Shockwave Player, versions 12.3.4.204 and earlier. The vulnerability is described as a memory corruption flaw in Shockwave Player that could allow arbitrary code execution when exploited. Multiple connected sources confirm the same issue and indicate the impact is at t...
CVE-2010-4086
CVE-2010-4086 affects Adobe Shockwave Player prior to 11.5.9.615. The vulnerability resides in the dirapi.dll component and is triggered by a crafted Director (.dir) media file with an invalid element size, leading to arbitrary code execution or memory corruption (also described as potential DoS)...
CVE-2019-7099
Summary: CVE-2019-7099 affects Adobe Shockwave Player. The vulnerability is a memory corruption issue in Shockwave Player versions 12.3.4.204 and earlier, with potential for arbitrary code execution if exploited. Public sources in the connected set confirm the affected product and version range a...
CVE-2009-3464
CVE-2009-3464 affects Adobe Shockwave Player prior to 11.5.2.602. The vulnerability is described as an invalid pointer vulnerability in the processing of crafted Shockwave content, which could allow remote code execution. Some sources group this with multiple related issues under APSB09-16. The d...
CVE-2010-3655
CVE-2010-3655 affects Adobe Shockwave Player prior to 11.5.9.615, due to a stack-based buffer overflow in the DIRAPI.DLL when parsing Lnam chunk data, enabling arbitrary code execution. Affected software is Adobe Shockwave Player (plug-in), with vulnerable component in dirapi.dll. The issue is tr...
CVE-2012-0757
The CVE-2012-0757 issue concerns the Shockwave 3D Asset component in Adobe Shockwave Player prior to version 11.6.4.634, which is vulnerable to arbitrary code execution or memory corruption via unspecified vectors. Public references in Red Hat CVE records reiterate the same vulnerability as CVE-2...
CVE-2010-0129
Adobe Shockwave Player is affected by CVE-2010-0129 due to multiple integer overflows leading to memory corruption via specially crafted Director (.dir) files. The vulnerability affects Shockwave Player prior to 11.5.7.609 and can enable remote memory corruption or potential arbitrary code execut...
CVE-2010-2582
CVE-2010-2582 affects Adobe Shockwave Player (Windows/macOS) via a heap-based buffer overflow in the TextXtra.x32 DEMX chunk parsing, caused by a failure to reallocate a buffer to fit chunk data. Public docs consistently describe this as a vulnerability that allows remote code execution if a craf...
CVE-2012-0763
CVE-2012-0763 affects Adobe Shockwave Player, specifically the Shockwave 3D Asset component. The vulnerability allows arbitrary code execution or a denial of service via memory corruption in affected Shockwave Player versions prior to 11.6.4.634, with vectors unspecified in the provided documents...
CVE-2010-0987
Adobe Shockwave Player contains a heap-based buffer overflow (CVE-2010-0987) exploitable via crafted embedded fonts in Shockwave files. Affected product: Shockwave Player before version 11.5.7.609. Connected sources corroborate the vulnerability as part of multiple font-related shocks and describ...
CVE-2010-1287
Adobe Shockwave Player for Windows/macOS prior to 11.5.7.609 is affected by multiple memory corruption vulnerabilities, including CVE-2010-1287, that can cause denial of service or potentially allow arbitrary code execution via unspecified vectors. The vulnerability family is evidenced by multipl...
CVE-2010-1291
Technical details for CVE-2010-1291 are not publicly provided in the supplied documents; the Connected documents do not specify affected software versions, root cause, or remediation. Monitor for updates.
CVE-2012-2029
Adobe Shockwave Player is affected by CVE-2012-2030/2031/2032/2033 due to a memory corruption error when parsing crafted DIR/DCR/RIFF chunks (rcsL) in Shockwave files. A remote attacker can exploit this by convincing a user to open a specially crafted file, potentially leading to arbitrary code e...
CVE-2009-3463
CVE-2009-3463 affects Adobe Shockwave Player prior to 11.5.2.602, with an array index error that could allow remote code execution via crafted Shockwave content on a web site. The issue is part of APSB09-16 and is accompanied by related CVEs (3464–3466). The documented impact is arbitrary code ex...
CVE-2010-0986
Adobe Shockwave Player is affected by CVE-2010-0986 (asset entry processing issue) leading to memory corruption and possible arbitrary code execution. The vulnerability affects Shockwave Player prior to version 11.5.7.609. Secunia’s advisory notes remediation to update to 11.5.7.609. Other source...
CVE-2010-2868
Adobe Shockwave Player contains a memory corruption/remote code execution risk due to IML32.dll failing to parse .dir files. A malformed .dir file (e.g., offset 0x320D) can cause memory corruption or code execution. Affected: Shockwave Player
CVE-2012-0762
CVE-2012-0762 affects the Shockwave 3D Asset component in Adobe Shockwave Player; prior to version 11.6.4.634, it allows attackers to execute arbitrary code or cause memory corruption/DoS via unspecified vectors. This is documented in Red Hat CVEs list as part of a family to CVE-2012-0757/0760/07...
CVE-2010-1288
CVE-2010-1288 is a buffer overflow in Adobe Shockwave Player prior to version 11.5.7.609 that could allow arbitrary code execution via unspecified vectors. The vulnerability is part of a set of issues targeted by Adobe APSB10-12, affecting Shockwave Player 11.5.6.606 and earlier on Windows and ma...
CVE-2010-1292
CVE-2010-1292 affects Adobe Shockwave Player prior to 11.5.7.609. The vulnerability arises in the pami RIFF chunk parsing, where a value from a file is not validated before being used in file-pointer calculations, enabling a remote attacker to execute arbitrary code or cause memory corruption via...
CVE-2010-2587
Adobe Shockwave Player (dirapi.dll) is affected by CVE-2010-2587 and related CVEs due to a parsing flaw in the IFWV chunk size handling that can lead to memory corruption and potentially arbitrary code execution or a denial of service. Affected product/version: Shockwave Player prior to 11.5.9.62...
CVE-2010-2865
Adobe Shockwave Player prior to 11.5.8.612 is affected by CVE-2010-2865, a denial-of-service vulnerability reported in APSB10-20. The issue is described as an unspecified DoS via unknown vectors, with the macro summary indicating memory-related issues across Shockwave components. The advisory not...
CVE-2010-2870
Adobe Shockwave Player (DIRAPIX.dll) up to version 11.5.8.612 is vulnerable due to improper validation of a chunk size in the mmap chunk of Director movies, enabling remote code execution or heap memory corruption. The flaw resides in the RIFF-based Director file format parsing within the DIRAPIX...
CVE-2010-4188
CVE-2010-4188 affects Adobe Shockwave Player and involves a heap-based buffer overflow in the dirapi.dll module caused by processing a Director movie with an IFWV chunk size of 0. This can lead to remote code execution or memory corruption. The vulnerability is part of a set of issues in Shockwav...