iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability

2011-02-11T00:00:00

Description

iDefense Security Advisory 02.08.11 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 08, 2011 I. BACKGROUND Adobe Shockwave Player is a popular Web browser plug-in. It is available for multiple Web browsers and platforms, including Windows, and MacOS. Shockwave Player enables Web browsers to display rich multimedia content in the form of Shockwave videos. For more information, see the vendor's site found at the following link: http://get.adobe.com/shockwave II. DESCRIPTION Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Shockwave Player could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability takes place during the processing of a malicious Adobe Director file. A malicious user could cause a memory corruption by including malformed data in a chunk. This condition may lead to arbitrary code execution. III. ANALYSIS Exploitation could result in the execution of arbitrary code with the privileges of the user viewing the Web page. To exploit this vulnerability, a targeted user must load a malicious Adobe Director file created by an attacker. An attacker typically accomplishes this via social engineering or injecting content into a compromised, trusted site. IV. DETECTION iDefense has confirmed the existence of this vulnerability in Shockwave Player version 11.5.8.612 and version 11.5.9.615 (the latest version at the time of testing). A full list of vulnerable Adobe products can be found in Adobe Security Bulletin APSB11-01. V. WORKAROUND The killbit for the Shockwave Player ActiveX control can be set by creating the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{233C1507-6A77-46A4-9443-F871F945D258} Under this key create a new DWORD value called "Compatibility Flags" and set its hexadecimal value to 400. To re-enable Shockwave Player set the "Compatibility Flags" value to 0. VI. VENDOR RESPONSE Adobe has addressed this issue with an update. Further details and patches can be found at the following URL. http://www.adobe.com/support/security/bulletins/apsb11-01.html VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2010-4187 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 11/03/2010 Initial Vendor Notification 11/03/2010 Initial Vendor Reply 02/08/2011 Coordinated Public Disclosure IX. CREDIT This vulnerability was reported to iDefense by Andrzej Dyjak. Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php Free tools, research and upcoming events http://labs.idefense.com/ X. LEGAL NOTICES Copyright © 2011 iDefense, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

{"id": "SECURITYVULNS:DOC:25664", "bulletinFamily": "software", "title": "iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability", "description": "iDefense Security Advisory 02.08.11\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nFeb 08, 2011\r\n\r\nI. BACKGROUND\r\n\r\nAdobe Shockwave Player is a popular Web browser plug-in. It is available\r\nfor multiple Web browsers and platforms, including Windows, and MacOS.\r\nShockwave Player enables Web browsers to display rich multimedia\r\ncontent in the form of Shockwave videos. For more information, see the\r\nvendor's site found at the following link:\r\n\r\nhttp://get.adobe.com/shockwave\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of a memory corruption vulnerability in Adobe\r\nSystems Inc.'s Shockwave Player could allow an attacker to execute\r\narbitrary code with the privileges of the current user.\r\n\r\nThe vulnerability takes place during the processing of a malicious Adobe\r\nDirector file. A malicious user could cause a memory corruption by\r\nincluding malformed data in a chunk. This condition may lead to\r\narbitrary code execution.\r\n\r\nIII. ANALYSIS\r\n\r\nExploitation could result in the execution of arbitrary code with the\r\nprivileges of the user viewing the Web page. To exploit this\r\nvulnerability, a targeted user must load a malicious Adobe Director\r\nfile created by an attacker. An attacker typically accomplishes this\r\nvia social engineering or injecting content into a compromised, trusted\r\nsite.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed the existence of this vulnerability in Shockwave\r\nPlayer version 11.5.8.612 and version 11.5.9.615 (the latest version at\r\nthe time of testing). A full list of vulnerable Adobe products can be\r\nfound in Adobe Security Bulletin APSB11-01.\r\n\r\nV. WORKAROUND\r\n\r\nThe killbit for the Shockwave Player ActiveX control can be set by\r\ncreating the following registry key:\r\n\r\nHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX\r\nCompatibility\{233C1507-6A77-46A4-9443-F871F945D258}\r\n\r\nUnder this key create a new DWORD value called "Compatibility Flags" and\r\nset its hexadecimal value to 400.\r\n\r\nTo re-enable Shockwave Player set the "Compatibility Flags" value to 0.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nAdobe has addressed this issue with an update. Further details and\r\npatches can be found at the following URL.\r\n\r\nhttp://www.adobe.com/support/security/bulletins/apsb11-01.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CVE-2010-4187 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org/), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n11/03/2010 Initial Vendor Notification\r\n11/03/2010 Initial Vendor Reply\r\n02/08/2011 Coordinated Public Disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to iDefense by Andrzej Dyjak.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2011 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically,\r\nplease e-mail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\n There are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct,\r\nindirect, or consequential loss or damage arising from use of, or\r\nreliance on, this information.", "published": "2011-02-11T00:00:00", "modified": "2011-02-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25664", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2010-4187"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:38", "edition": 1, "viewCount": 5, "enchantments": {"score": {"value": 7.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4187"]}, {"type": "nessus", "idList": ["MACOSX_SHOCKWAVE_PLAYER_APSB11-01.NASL", "SHOCKWAVE_PLAYER_APSB11-01.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310801846", "OPENVAS:801846"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25658", "SECURITYVULNS:VULN:11417"]}], "rev": 4}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2010-4187"]}, {"type": "nessus", "idList": ["SHOCKWAVE_PLAYER_APSB11-01.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11417"]}]}, "exploitation": null, "vulnersScore": 7.4}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647605716}}

{"cve": [{"lastseen": "2022-03-23T12:46:09", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4306", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2011-02-17T05:00:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4306", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4306", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:43:57", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed chunk in a Director file, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4187", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2011-02-17T05:00:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4187", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4187", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:43:59", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds \"seek\" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4190", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2018-10-11T21:01:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4190", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4190", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:44:02", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4192", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2018-10-10T20:07:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4192", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4192", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:44:01", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4191", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2011-02-17T05:00:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4191", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4191", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:42:16", "description": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2010-4093", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2011-02-17T05:00:00", "cpe": ["cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:10.1.1.016", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:8.5.1.103"], "id": "CVE-2010-4093", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4093", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:38:55", "description": "The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.", "cvss3": {}, "published": "2011-02-10T16:00:00", "type": "cve", "title": "CVE-2011-0555", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4306", "CVE-2011-0555"], "modified": "2018-10-09T19:29:00", "cpe": ["cpe:/a:adobe:shockwave_player:10.2.0.023", "cpe:/a:adobe:shockwave_player:10.0.0.210", "cpe:/a:adobe:shockwave_player:8.0.196", "cpe:/a:adobe:shockwave_player:8.5.325", "cpe:/a:adobe:shockwave_player:9.0.383", "cpe:/a:adobe:shockwave_player:11.0.3.471", "cpe:/a:adobe:shockwave_player:10.1.4.020", "cpe:/a:adobe:shockwave_player:11.5.2.602", "cpe:/a:adobe:shockwave_player:10.2.0.021", "cpe:/a:adobe:shockwave_player:8.0.196a", "cpe:/a:adobe:shockwave_player:10.1.0.11", "cpe:/a:adobe:shockwave_player:8.0", "cpe:/a:adobe:shockwave_player:8.5.1.103", "cpe:/a:adobe:shockwave_player:8.5.1.106", "cpe:/a:adobe:shockwave_player:8.5.1.105", "cpe:/a:adobe:shockwave_player:11.5.6.606", "cpe:/a:adobe:shockwave_player:11.0.0.456", "cpe:/a:adobe:shockwave_player:6.0", "cpe:/a:adobe:shockwave_player:8.5.321", "cpe:/a:adobe:shockwave_player:8.5.324", "cpe:/a:adobe:shockwave_player:4.0", "cpe:/a:adobe:shockwave_player:8.5.323", "cpe:/a:adobe:shockwave_player:11.5.9.615", "cpe:/a:adobe:shockwave_player:11.5.0.595", "cpe:/a:adobe:shockwave_player:11.5.7.609", "cpe:/a:adobe:shockwave_player:5.0", "cpe:/a:adobe:shockwave_player:8.0.205", "cpe:/a:adobe:shockwave_player:10.0.1.004", "cpe:/a:adobe:shockwave_player:11.5.1.601", "cpe:/a:adobe:shockwave_player:9.0.432", "cpe:/a:adobe:shockwave_player:8.5.1.100", "cpe:/a:adobe:shockwave_player:11.5.8.612", "cpe:/a:adobe:shockwave_player:9", "cpe:/a:adobe:shockwave_player:8.5.1", "cpe:/a:adobe:shockwave_player:2.0", "cpe:/a:adobe:shockwave_player:10.1.0.011", "cpe:/a:adobe:shockwave_player:10.2.0.022", "cpe:/a:adobe:shockwave_player:3.0", "cpe:/a:adobe:shockwave_player:1.0", "cpe:/a:adobe:shockwave_player:8.0.204", "cpe:/a:adobe:shockwave_player:11.5.0.596", "cpe:/a:adobe:shockwave_player:10.1.1.016"], "id": "CVE-2011-0555", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0555", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-27T19:22:34", "description": "This host is installed with Adobe Shockwave Player and is prone\n to multiple remote code execution vulnerabilities.", "cvss3": {}, "published": "2011-02-15T00:00:00", "type": "openvas", "title": "Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4187", "CVE-2011-0555", "CVE-2010-4307", "CVE-2010-4192", "CVE-2010-4093", "CVE-2010-2589", "CVE-2011-0569", "CVE-2011-0556", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4195", "CVE-2010-2588", "CVE-2011-0557", "CVE-2010-4196", "CVE-2010-4193", "CVE-2010-2587", "CVE-2010-4188", "CVE-2010-4191", "CVE-2010-4092", "CVE-2010-4194", "CVE-2010-4306"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801846\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-02-15 08:14:35 +0100 (Tue, 15 Feb 2011)\");\n script_cve_id(\"CVE-2010-2587\", \"CVE-2010-2588\", \"CVE-2010-2589\",\n \"CVE-2010-4092\", \"CVE-2010-4093\", \"CVE-2010-4187\",\n \"CVE-2010-4188\", \"CVE-2010-4189\", \"CVE-2010-4190\",\n \"CVE-2010-4191\", \"CVE-2010-4192\", \"CVE-2010-4193\",\n \"CVE-2010-4194\", \"CVE-2010-4195\", \"CVE-2010-4196\",\n \"CVE-2010-4306\", \"CVE-2010-4307\", \"CVE-2011-0555\",\n \"CVE-2011-0556\", \"CVE-2011-0557\", \"CVE-2011-0569\");\n script_bugtraq_id(46146);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/0335\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-01.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_shockwave_player_detect.nasl\");\n script_mandatory_keys(\"Adobe/ShockwavePlayer/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code by\n tricking a user into visiting a specially crafted web page.\");\n script_tag(name:\"affected\", value:\"Adobe Shockwave Player Versions prior to 11.5.9.620 on Windows.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are caused by input validation errors, memory corruptions,\n buffer and integer overflows, and use-after-free errors in the DIRAPI, IML32,\n TextXtra, 3d Asset, and Xtra.x32 modules when processing malformed Shockwave\n or Director files.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Shockwave Player version 11.5.9.620 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Shockwave Player and is prone\n to multiple remote code execution vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://get.adobe.com/shockwave/otherversions/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nshockVer = get_kb_item(\"Adobe/ShockwavePlayer/Ver\");\nif(!shockVer){\n exit(0);\n}\n\nif(version_is_less(version:shockVer, test_version:\"11.5.9.620\")){\n report = report_fixed_ver(installed_version:shockVer, fixed_version:\"11.5.9.620\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:13:34", "description": "This host is installed with Adobe Shockwave Player and is prone\n to multiple remote code execution vulnerabilities.", "cvss3": {}, "published": "2011-02-15T00:00:00", "type": "openvas", "title": "Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4187", "CVE-2011-0555", "CVE-2010-4307", "CVE-2010-4192", "CVE-2010-4093", "CVE-2010-2589", "CVE-2011-0569", "CVE-2011-0556", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4195", "CVE-2010-2588", "CVE-2011-0557", "CVE-2010-4196", "CVE-2010-4193", "CVE-2010-2587", "CVE-2010-4188", "CVE-2010-4191", "CVE-2010-4092", "CVE-2010-4194", "CVE-2010-4306"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:801846", "href": "http://plugins.openvas.org/nasl.php?oid=801846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_shockwave_player_mult_code_exec_vuln_feb11.nasl 5424 2017-02-25 16:52:36Z teissa $\n#\n# Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code by\n tricking a user into visiting a specially crafted web page.\n Impact Level: Application.\";\ntag_affected = \"Adobe Shockwave Player Versions prior to 11.5.9.620 on Windows.\";\ntag_insight = \"Multiple flaws are caused by input validation errors, memory corruptions,\n buffer and integer overflows, and use-after-free errors in the DIRAPI, IML32,\n TextXtra, 3d Asset, and Xtra.x32 modules when processing malformed Shockwave\n or Director files.\";\ntag_solution = \"Upgrade to Adobe Shockwave Player version 11.5.9.620 or later,\n For updates refer to http://get.adobe.com/shockwave/otherversions/\";\ntag_summary = \"This host is installed with Adobe Shockwave Player and is prone\n to multiple remote code execution vulnerabilities.\";\n\nif(description)\n{\n script_id(801846);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-15 08:14:35 +0100 (Tue, 15 Feb 2011)\");\n script_cve_id(\"CVE-2010-2587\", \"CVE-2010-2588\", \"CVE-2010-2589\",\n \"CVE-2010-4092\", \"CVE-2010-4093\", \"CVE-2010-4187\",\n \"CVE-2010-4188\", \"CVE-2010-4189\", \"CVE-2010-4190\",\n \"CVE-2010-4191\", \"CVE-2010-4192\", \"CVE-2010-4193\",\n \"CVE-2010-4194\", \"CVE-2010-4195\", \"CVE-2010-4196\",\n \"CVE-2010-4306\", \"CVE-2010-4307\", \"CVE-2011-0555\",\n \"CVE-2011-0556\", \"CVE-2011-0557\", \"CVE-2011-0569\");\n script_bugtraq_id(46146);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0335\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb11-01.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_shockwave_player_detect.nasl\");\n script_require_keys(\"Adobe/ShockwavePlayer/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nshockVer = get_kb_item(\"Adobe/ShockwavePlayer/Ver\");\nif(!shockVer){\n exit(0);\n}\n\n## Check for Adobe Shockwave Player versions prior to 11.5.9.620\nif(version_is_less(version:shockVer, test_version:\"11.5.9.620\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2021-06-08T19:12:17", "description": "Multiple memory corruptions.", "edition": 2, "cvss3": {}, "published": "2011-02-14T00:00:00", "title": "Adobe Shockwave Player multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-4187", "CVE-2011-0555", "CVE-2010-4307", "CVE-2010-4192", "CVE-2010-4093", "CVE-2010-2589", "CVE-2011-0569", "CVE-2011-0556", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4195", "CVE-2010-2588", "CVE-2011-0557", "CVE-2010-4196", "CVE-2010-4193", "CVE-2010-2587", "CVE-2010-4188", "CVE-2010-4191", "CVE-2010-4092", "CVE-2010-4194", "CVE-2010-4306"], "modified": "2011-02-14T00:00:00", "id": "SECURITYVULNS:VULN:11417", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11417", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "description": "Security update available for Shockwave Player\r\n\r\nRelease date: February 8, 2011\r\n\r\nVulnerability identifier: APSB11-01\r\n\r\nCVE number: CVE-2010-2587, CVE-2010-2588, CVE-2010-2589, CVE-2010-4092,\r\nCVE-2010-4093, CVE-2010-4187, CVE-2010-4188, CVE-2010-4189, CVE-2010-4190,\r\nCVE-2010-4191, CVE-2010-4192, CVE-2010-4193, CVE-2010-4194, CVE-2010-4195,\r\nCVE-2010-4196, CVE-2010-4306, CVE-2010-4307, CVE-2011-0555, CVE-2011-0556,\r\nCVE-2011-0557, CVE-2011-0569\r\n\r\nPlatform: Windows and Macintosh\r\nSummary\r\n\r\nCritical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier\r\nversions on the Windows and Macintosh operating systems. These vulnerabilities could allow an\r\nattacker, who successfully exploits these vulnerabilities, to run malicious code on the affected\r\nsystem. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions\r\nupdate to Adobe Shockwave Player 11.5.9.620 using the instructions provided below.\r\nAffected software versions\r\n\r\nShockwave Player 11.5.9.615 and earlier versions for Windows and Macintosh\r\nSolution\r\n\r\nAdobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions upgrade to\r\nthe newest version 11.5.9.620, available here: http://get.adobe.com/shockwave/.\r\nSeverity rating\r\n\r\nAdobe categorizes this as a critical update and recommends that users apply the latest update for\r\ntheir product installation by following the instructions in the "Solution" section above.\r\nDetails\r\n\r\nCritical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier\r\nversions on the Windows and Macintosh operating systems. These vulnerabilities could allow an\r\nattacker, who successfully exploits these vulnerabilities, to run malicious code on the affected\r\nsystem. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions\r\nupdate to Adobe Shockwave Player 11.5.9.620 using the instructions provided above.\r\n\r\nThis update resolves a memory corruption vulnerability in the dirapi.dll module that could lead\r\nto code execution (CVE-2010-2587).\r\n\r\nThis update resolves a memory corruption vulnerability in the dirapi.dll module that could lead\r\nto code execution (CVE-2010-2588).\r\n\r\nThis update resolves an integer overflow vulnerability in the dirapi.dll module that could lead to\r\ncode execution (CVE-2010-2589).\r\n\r\nThis update resolves a use-after-free vulnerability that could lead to code execution\r\n(CVE-2010-4092).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4093).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4187).\r\n\r\nThis update resolves a memory corruption vulnerability in the dirapi.dll module that could lead\r\nto code execution (CVE-2010-4188).\r\n\r\nThis update resolves a memory corruption vulnerability in the IML32 module that could lead to\r\ncode execution (CVE-2010-4189).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4190).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4191).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4192).\r\n\r\nThis update resolves an input validation vulnerability that could lead to code execution\r\n(CVE-2010-4193).\r\n\r\nThis update resolves an input validation vulnerability in the dirapi.dll module that could lead to\r\ncode execution (CVE-2010-4194).\r\n\r\nThis update resolves an input validation vulnerability in the TextXtra module that could lead to\r\ncode execution (CVE-2010-4195).\r\n\r\nThis update resolves an input validation vulnerability in the Shockwave 3d Asset module that could\r\nlead to code execution (CVE-2010-4196).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2010-4306).\r\n\r\nThis update resolves a buffer overflow vulnerability that could lead to code execution\r\n(CVE-2010-4307).\r\n\r\nThis update resolves a memory corruption vulnerability that could lead to code execution\r\n(CVE-2011-0555).\r\n\r\nThis update resolves a memory corruption vulnerability in the Font Xtra.x32 module that could\r\nlead to code execution (CVE-2011-0556).\r\n\r\nThis update resolves an integer overflow vulnerability that could lead to code execution\r\n(CVE-2011-0557).\r\n\r\nThis update resolves a memory corruption vulnerability in the Font Xtra.x32 module that could\r\nlead to code execution (CVE-2011-0569).\r\nAcknowledgments\r\n\r\nAdobe would like to thank the following individuals and organizations for reporting the relevant\r\nissues and for working with Adobe to help protect our customers:\r\n\u2022 Carsten Eiram, Secunia Research (CVE-2010-2587, CVE-2010-2588, CVE-2010-2589).\r\n\u2022 Krystian Kloskowski (h07), working with Secunia Research (CVE-2010-4092).\r\n\u2022 Will Dormann of CERT/CC (CVE-2010-4093, CVE-2010-4193, CVE-2010-4194,\r\nCVE-2010-4195, CVE-2010-4196).\r\n\u2022 Andrzej Dyjak of iDefense Labs (CVE-2010-4187).\r\n\u2022 Aaron Portnoy and Logan Brown, TippingPoint DVLabs (CVE-2010-4188).\r\n\u2022 Logan Brown and Aaron Portnoy, TippingPoint DVLabs(CVE-2011-0555,\r\nCVE-2011-0556).\r\n\u2022 Aaron Portnoy and Logan Brown, TippingPoint DVLabs (CVE-2010-4189).\r\n\u2022 Aniway and Luigi Auriemma through TippingPoint's Zero Day Initiative\r\n(CVE-2010-4190).\r\n\u2022 An anonymous reporter through TippingPoint's Zero Day Initiative (CVE-2010-4191).\r\n\u2022 Aniway through TippingPoint's Zero Day Initiative (CVE-2010-4192).\r\n\u2022 IBM X-Force (CVE-2010-4306, CVE-2010-4307).\r\n\u2022 An anonymous reporter through TippingPoint's Zero Day Initiative (CVE-2011-0557).\r\n\u2022 Logan Brown and Aaron Portnoy, TippingPoint DVLabs and Luigi Auriemma through TippingPoint's Zero\r\nDay Initiative (CVE-2011-0569). ", "edition": 1, "cvss3": {}, "published": "2011-02-11T00:00:00", "title": "Security update available for Shockwave Player", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-4187", "CVE-2011-0555", "CVE-2010-4307", "CVE-2010-4192", "CVE-2010-4093", "CVE-2010-2589", "CVE-2011-0569", "CVE-2011-0556", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4195", "CVE-2010-2588", "CVE-2011-0557", "CVE-2010-4196", "CVE-2010-4193", "CVE-2010-2587", "CVE-2010-4188", "CVE-2010-4191", "CVE-2010-4092", "CVE-2010-4194", "CVE-2010-4306"], "modified": "2011-02-11T00:00:00", "id": "SECURITYVULNS:DOC:25658", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25658", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T13:01:34", "description": "The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.9.620. Such versions are potentially affected by the following issues :\n\n - Several unspecified errors exist in the 'dirapi.dll' module that may allow arbitrary code execution. (CVE-2010-2587, CVE-2010-2588, CVE-2010-4188)\n\n - An error exists in the 'dirapi.dll' module related to an integer overflow and that may allow arbitrary code execution. (CVE-2010-2589)\n\n - It is reported that a use-after-free error exists in an unspecified compatibility component related to the 'Settings' window and an unloaded, unspecified library. This error is reported to allow arbitrary code execution when a crafted, malicious website is visited. (CVE-2010-4092)\n\n - Unspecified errors exist that may allow arbitrary code execution or memory corruption. The attack vectors is unspecified. (CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, CVE-2010-4306, CVE-2011-0555)\n\n - An input validation error exists in the 'IML32' module that may allow arbitrary code execution when processing global color table size of a GIF image contained in a Director movie. (CVE-2010-4189)\n\n - An unspecified input validation error exists that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4193)\n\n - An unspecified input validation error exists in the 'dirapi.dll' module that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4194)\n\n - An integer overflow error exists in the '3D Assets' module when parsing 3D assets containing the record type '0xFFFFFF45'. This error may allow arbitrary code execution. (CVE-2010-4196)\n\n - An input validation error exists in the 'DEMUX' chunks parsing portion of the 'TextXtra.x32' module. This error may allow arbitrary code execution. (CVE-2010-4195)\n\n - An unspecified buffer overflow error exists that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4307)\n\n - An error exists in the 'PFR1' chunks parsing portion of the 'Font Xtra.x32' module. This error may allow arbitrary code execution. (CVE-2011-0556)\n\n - An unspecified integer overflow error exists that may allow arbitrary code execution through unspecified vectors.(CVE-2011-0557)\n\n - An error exists in the 'Font Xtra.x32' module related to signedness that may allow arbitrary code execution.\n (CVE-2011-0569)", "cvss3": {"score": null, "vector": null}, "published": "2011-02-10T00:00:00", "type": "nessus", "title": "Shockwave Player < 11.5.9.620 (APSB11-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2587", "CVE-2010-2588", "CVE-2010-2589", "CVE-2010-4092", "CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4188", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4193", "CVE-2010-4194", "CVE-2010-4195", "CVE-2010-4196", "CVE-2010-4306", "CVE-2010-4307", "CVE-2011-0555", "CVE-2011-0556", "CVE-2011-0557", "CVE-2011-0569"], "modified": "2018-07-27T00:00:00", "cpe": ["cpe:/a:adobe:shockwave_player"], "id": "SHOCKWAVE_PLAYER_APSB11-01.NASL", "href": "https://www.tenable.com/plugins/nessus/51936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51936);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\n \"CVE-2010-2587\", \"CVE-2010-2588\", \"CVE-2010-2589\", \"CVE-2010-4092\", \n \"CVE-2010-4093\", \"CVE-2010-4187\", \"CVE-2010-4188\", \"CVE-2010-4189\",\n \"CVE-2010-4190\", \"CVE-2010-4191\", \"CVE-2010-4192\", \"CVE-2010-4193\",\n \"CVE-2010-4194\", \"CVE-2010-4195\", \"CVE-2010-4196\", \"CVE-2010-4306\",\n \"CVE-2010-4307\", \"CVE-2011-0555\", \"CVE-2011-0556\", \"CVE-2011-0557\",\n \"CVE-2011-0569\");\n script_bugtraq_id(\n 44617, \n 46316,\n 46317,\n 46318,\n 46319,\n 46320,\n 46321,\n 46324,\n 46325,\n 46326,\n 46327,\n 46328,\n 46329,\n 46330,\n 46332,\n 46333,\n 46334,\n 46335,\n 46336,\n 46338,\n 46339\n );\n script_xref(name:\"Secunia\", value:\"42112\");\n\n script_name(english:\"Shockwave Player < 11.5.9.620 (APSB11-01)\");\n script_summary(english:\"Checks version of Shockwave Player\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser plugin that is\naffected by multiple vulnerabilities.\");\n\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host contains a version of Adobe's Shockwave\nPlayer that is earlier than 11.5.9.620. Such versions are potentially\naffected by the following issues :\n\n - Several unspecified errors exist in the 'dirapi.dll' \n module that may allow arbitrary code execution. \n (CVE-2010-2587, CVE-2010-2588, CVE-2010-4188)\n\n - An error exists in the 'dirapi.dll' module related to \n an integer overflow and that may allow arbitrary code\n execution. (CVE-2010-2589)\n\n - It is reported that a use-after-free error exists in an\n unspecified compatibility component related to the \n 'Settings' window and an unloaded, unspecified library. \n This error is reported to allow arbitrary code execution \n when a crafted, malicious website is visited. \n (CVE-2010-4092)\n\n - Unspecified errors exist that may allow arbitrary \n code execution or memory corruption. The attack vectors\n is unspecified. (CVE-2010-4093, CVE-2010-4187, \n CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, \n CVE-2010-4306, CVE-2011-0555)\n\n - An input validation error exists in the 'IML32' module\n that may allow arbitrary code execution when processing \n global color table size of a GIF image contained in a \n Director movie. (CVE-2010-4189)\n\n - An unspecified input validation error exists that may\n allow arbitrary code execution through unspecified\n vectors. (CVE-2010-4193)\n\n - An unspecified input validation error exists in the \n 'dirapi.dll' module that may allow arbitrary code \n execution through unspecified vectors. (CVE-2010-4194)\n\n - An integer overflow error exists in the '3D Assets'\n module when parsing 3D assets containing the record\n type '0xFFFFFF45'. This error may allow arbitrary code\n execution. (CVE-2010-4196)\n\n - An input validation error exists in the 'DEMUX' chunks \n parsing portion of the 'TextXtra.x32' module. This\n error may allow arbitrary code execution. \n (CVE-2010-4195)\n\n - An unspecified buffer overflow error exists that may\n allow arbitrary code execution through unspecified\n vectors. (CVE-2010-4307)\n\n - An error exists in the 'PFR1' chunks parsing portion\n of the 'Font Xtra.x32' module. This error may allow\n arbitrary code execution. (CVE-2011-0556)\n\n - An unspecified integer overflow error exists that may\n allow arbitrary code execution through unspecified\n vectors.(CVE-2011-0557)\n\n - An error exists in the 'Font Xtra.x32' module related\n to signedness that may allow arbitrary code execution.\n (CVE-2011-0569)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-078/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-079/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-080/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-01.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Shockwave 11.5.9.620 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:shockwave_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"shockwave_player_apsb09_08.nasl\");\n script_require_keys(\"SMB/shockwave_player\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\n\nport = kb_smb_transport();\ninstalls = get_kb_list('SMB/shockwave_player/*/path');\nif (isnull(installs)) exit(0, 'Shockwave Player was not detected on the remote host.');\n\ninfo = NULL;\npattern = 'SMB/shockwave_player/([^/]+)/([^/]+)/path';\n\nforeach install (keys(installs))\n{\n match = eregmatch(string:install, pattern:pattern);\n if (!match) exit(1, 'Unexpected format of KB key \"' + install + '\".');\n\n file = installs[install];\n variant = match[1];\n version = match[2];\n\n if (ver_compare(ver:version, fix:'11.5.9.620') == -1)\n {\n if (variant == 'Plugin')\n info += '\\n - Browser Plugin (for Firefox / Netscape / Opera) :\\n';\n else if (variant == 'ActiveX')\n info += '\\n - ActiveX control (for Internet Explorer) :\\n';\n info += ' ' + file + ', ' + version + '\\n';\n }\n}\n\nif (!info) exit(0, 'No vulnerable installs of Shockwave Player were found.');\n\nif (report_verbosity > 0)\n{\n if (max_index(split(info)) > 2) s = \"s\";\n else s = \"\";\n\n report = \n '\\nNessus has identified the following vulnerable instance'+s+' of Shockwave'+\n '\\nPlayer installed on the remote host :\\n'+\n info;\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:13:27", "description": "The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.615 or earlier. It is, therefore, affected by multiple vulnerabilities :\n\n - Several unspecified errors exist in the 'dirapi.dll' module that allow arbitrary code execution.\n (CVE-2010-2587, CVE-2010-2588, CVE-2010-4188)\n\n - An error exists in the 'dirapi.dll' module related to an integer overflow that allows arbitrary code execution. (CVE-2010-2589)\n\n - It is reported that a use-after-free error exists in an unspecified compatibility component related to the 'Settings' window and an unloaded, unspecified library.\n This error is reported to allow arbitrary code execution when a crafted, malicious website is visited.\n (CVE-2010-4092)\n\n - Unspecified errors exist that allow arbitrary code execution or memory corruption. The attack vectors is unspecified. (CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, CVE-2010-4306, CVE-2011-0555)\n\n - An input validation error exists in the 'IML32' module that allows arbitrary code execution when processing the global color table size of a GIF image contained in a Director movie. (CVE-2010-4189)\n\n - An unspecified input validation error exists that allows arbitrary code execution through unspecified vectors.\n (CVE-2010-4193)\n\n - An unspecified input validation error exists in the 'dirapi.dll' module that allows arbitrary code execution through unspecified vectors. (CVE-2010-4194)\n\n - An integer overflow error exists in the '3D Assets' module when parsing 3D assets containing the record type '0xFFFFFF45'. This error allows arbitrary code execution. (CVE-2010-4196)\n\n - An input validation error exists in the 'DEMUX' chunks parsing portion of the 'TextXtra.x32' module. This error allows arbitrary code execution. (CVE-2010-4195)\n\n - An unspecified buffer overflow error exists that allows arbitrary code execution through unspecified vectors.\n (CVE-2010-4307)\n\n - An error exists in the 'PFR1' chunks parsing portion of the 'Font Xtra.x32' module. This error allows arbitrary code execution. (CVE-2011-0556)\n\n - An unspecified integer overflow error exists that allows arbitrary code execution through unspecified vectors (CVE-2011-0557)\n\n - An error exists in the 'Font Xtra.x32' module related to signedness that allows arbitrary code execution.\n (CVE-2011-0569)", "cvss3": {"score": null, "vector": null}, "published": "2014-12-22T00:00:00", "type": "nessus", "title": "Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2587", "CVE-2010-2588", "CVE-2010-2589", "CVE-2010-4092", "CVE-2010-4093", "CVE-2010-4187", "CVE-2010-4188", "CVE-2010-4189", "CVE-2010-4190", "CVE-2010-4191", "CVE-2010-4192", "CVE-2010-4193", "CVE-2010-4194", "CVE-2010-4195", "CVE-2010-4196", "CVE-2010-4306", "CVE-2010-4307", "CVE-2011-0555", "CVE-2011-0556", "CVE-2011-0557", "CVE-2011-0569"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:shockwave_player"], "id": "MACOSX_SHOCKWAVE_PLAYER_APSB11-01.NASL", "href": "https://www.tenable.com/plugins/nessus/80175", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80175);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2010-2587\",\n \"CVE-2010-2588\",\n \"CVE-2010-2589\",\n \"CVE-2010-4092\",\n \"CVE-2010-4093\",\n \"CVE-2010-4187\",\n \"CVE-2010-4188\",\n \"CVE-2010-4189\",\n \"CVE-2010-4190\",\n \"CVE-2010-4191\",\n \"CVE-2010-4192\",\n \"CVE-2010-4193\",\n \"CVE-2010-4194\",\n \"CVE-2010-4195\",\n \"CVE-2010-4196\",\n \"CVE-2010-4306\",\n \"CVE-2010-4307\",\n \"CVE-2011-0555\",\n \"CVE-2011-0556\",\n \"CVE-2011-0557\",\n \"CVE-2011-0569\"\n );\n script_bugtraq_id(\n 44617,\n 46316,\n 46317,\n 46318,\n 46319,\n 46320,\n 46321,\n 46324,\n 46325,\n 46326,\n 46327,\n 46328,\n 46329,\n 46330,\n 46332,\n 46333,\n 46334,\n 46335,\n 46336,\n 46338,\n 46339\n );\n script_xref(name:\"SECUNIA\", value:\"42112\");\n\n script_name(english:\"Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser plugin that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X host contains a version of Adobe Shockwave Player\nthat is 11.5.9.615 or earlier. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Several unspecified errors exist in the 'dirapi.dll'\n module that allow arbitrary code execution.\n (CVE-2010-2587, CVE-2010-2588, CVE-2010-4188)\n\n - An error exists in the 'dirapi.dll' module related to\n an integer overflow that allows arbitrary code\n execution. (CVE-2010-2589)\n\n - It is reported that a use-after-free error exists in an\n unspecified compatibility component related to the\n 'Settings' window and an unloaded, unspecified library.\n This error is reported to allow arbitrary code execution\n when a crafted, malicious website is visited.\n (CVE-2010-4092)\n\n - Unspecified errors exist that allow arbitrary code\n execution or memory corruption. The attack vectors is\n unspecified. (CVE-2010-4093, CVE-2010-4187,\n CVE-2010-4190, CVE-2010-4191, CVE-2010-4192,\n CVE-2010-4306, CVE-2011-0555)\n\n - An input validation error exists in the 'IML32' module\n that allows arbitrary code execution when processing the\n global color table size of a GIF image contained in a\n Director movie. (CVE-2010-4189)\n\n - An unspecified input validation error exists that allows\n arbitrary code execution through unspecified vectors.\n (CVE-2010-4193)\n\n - An unspecified input validation error exists in the\n 'dirapi.dll' module that allows arbitrary code execution\n through unspecified vectors. (CVE-2010-4194)\n\n - An integer overflow error exists in the '3D Assets'\n module when parsing 3D assets containing the record\n type '0xFFFFFF45'. This error allows arbitrary code\n execution. (CVE-2010-4196)\n\n - An input validation error exists in the 'DEMUX' chunks\n parsing portion of the 'TextXtra.x32' module. This\n error allows arbitrary code execution. (CVE-2010-4195)\n\n - An unspecified buffer overflow error exists that allows\n arbitrary code execution through unspecified vectors.\n (CVE-2010-4307)\n\n - An error exists in the 'PFR1' chunks parsing portion\n of the 'Font Xtra.x32' module. This error allows\n arbitrary code execution. (CVE-2011-0556)\n\n - An unspecified integer overflow error exists that allows\n arbitrary code execution through unspecified vectors\n (CVE-2011-0557)\n\n - An error exists in the 'Font Xtra.x32' module related\n to signedness that allows arbitrary code execution.\n (CVE-2011-0569)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-078/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-079/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-080/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-01.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Shockwave 11.5.9.620 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-0569\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:shockwave_player\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"shockwave_player_detect_macosx.nbin\");\n script_require_keys(\"installed_sw/Shockwave Player\", \"Host/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp = 'Shockwave Player';\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nver = install['version'];\npath = install['path'];\n\nif (ver_compare(ver:ver, fix:'11.5.9.615', strict:FALSE) <= 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed versions : 11.5.9.620' +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(port:0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}

iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability

Description

Related