3 matches found
CVE-2001-0166
CVE-2001-0166 affects the Macromedia Shockwave/Flash plug-in (version 8 and earlier). The vulnerability arises from malformed SWF tag length fields, triggering a buffer overflow on processing the file, which may crash the plug-in and cause a denial of service. CERT reports the issue as a crash (D...
CVE-1999-1526
The CVE-1999-1526 entry concerns Macromedia Shockwave 7’s auto-update feature, which transmits a user’s password and hard disk information back to Macromedia. The document indicates this affects confidentiality (partial impact) with no stated impact to integrity or availability and does not speci...
CVE-1999-1525
Macromedia Shockwave before 6.0 is affected. A malicious webmaster can read a user’s mailbox and potentially access internal web servers via the GetNextText command on a Shockwave movie, as described. The impact is partial confidentiality and possible internal access; exploitation details or reme...