Lucene search

K
AdobeShockwave Player8.5.324

32 matches found

CVE
CVE
added 2010/10/26 6:0 p.m.62 views

CVE-2010-3653

The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in ...

9.3CVSS7.6AI score0.77779EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.57 views

CVE-2010-2581

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director file containing a crafted pamm chunk with an invalid (1) size and (2) number of sub-chunks, a different vulnerability than CVE-201...

9.3CVSS7.6AI score0.06926EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.56 views

CVE-2010-4086

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2...

9.3CVSS7.4AI score0.08873EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.55 views

CVE-2010-3655

Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.9AI score0.22274EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.52 views

CVE-2010-4089

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087.

9.3CVSS7.5AI score0.08371EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.51 views

CVE-2010-2582

An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code.

9.3CVSS7.8AI score0.09881EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.51 views

CVE-2010-2865

Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service via unknown vectors.

5CVSS6.3AI score0.01068EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.51 views

CVE-2010-2868

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x320D...

9.3CVSS7.9AI score0.07967EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.51 views

CVE-2010-2870

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

9.3CVSS7.6AI score0.08315EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.51 views

CVE-2010-4085

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, and CVE-2010-4088.

9.3CVSS7.6AI score0.06926EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.50 views

CVE-2010-2872

Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF chunk in a Director movie, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted movie.

9.3CVSS7.6AI score0.11046EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.49 views

CVE-2010-2869

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3712 of a cer...

9.3CVSS7.7AI score0.07967EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.49 views

CVE-2010-2879

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file.

9.3CVSS7.6AI score0.17806EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.49 views

CVE-2010-4084

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088.

9.3CVSS7.6AI score0.06926EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.49 views

CVE-2010-4090

Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

9.3CVSS7.8AI score0.0613EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.48 views

CVE-2010-2863

Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

10CVSS7.9AI score0.09538EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.48 views

CVE-2010-2864

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C6 of a cer...

9.3CVSS7.7AI score0.07967EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.48 views

CVE-2010-2866

Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie.

9.3CVSS7.7AI score0.38971EPSS
CVE
CVE
added 2010/09/07 6:0 p.m.48 views

CVE-2010-2874

Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear w...

9.3CVSS7.4AI score0.10341EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.48 views

CVE-2010-2875

Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie.

9.3CVSS7.7AI score0.11905EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.48 views

CVE-2010-4088

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with "duplicated references to the same KEY* chunk," a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4085, and CVE...

9.3CVSS7.4AI score0.06926EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.47 views

CVE-2010-2877

Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to IML32X.dll and DIRAPIX.dll.

9.3CVSS7.7AI score0.13674EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.47 views

CVE-2010-2880

DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x47 of a cert...

9.3CVSS7.6AI score0.08873EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.46 views

CVE-2010-2876

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a cr...

9.3CVSS7.6AI score0.11046EPSS
CVE
CVE
added 2010/10/29 7:0 p.m.46 views

CVE-2010-4087

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with a crafted mmap record containing an invalid length of a VSWV entry, a different vulnerability than CVE-2010-4089.

9.3CVSS7.4AI score0.08371EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.45 views

CVE-2010-2873

Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

9.3CVSS7.6AI score0.11046EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.45 views

CVE-2010-2882

DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3812 of a ce...

9.3CVSS7.7AI score0.08873EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.44 views

CVE-2010-2871

Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie.

9.3CVSS7.8AI score0.14291EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.43 views

CVE-2010-2878

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

9.3CVSS7.8AI score0.13674EPSS
CVE
CVE
added 2010/11/05 9:0 p.m.43 views

CVE-2010-4092

Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details ar...

9.3CVSS7.6AI score0.03998EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.42 views

CVE-2010-2867

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to a...

9.3CVSS7.6AI score0.08154EPSS
CVE
CVE
added 2010/08/26 9:0 p.m.39 views

CVE-2010-2881

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C0 of a cer...

9.3CVSS7.7AI score0.08873EPSS