Lucene search
RootSSV:19587HistoryMay 12, 2010 - 12:00 a.m.
Adobe Shockwave Player Director文件分析ATOM size无限循环漏洞
2010-05-1200:00:00
Root
www.seebug.org
10
0.032 Low
EPSS
Percentile
90.1%
CVE ID: CVE-2010-1282
Code Audit Labs http://www.vulnhunt.com 在Adobe’s Shockwave Player软件中
发现一个漏洞,触发该漏洞需要用户访问一个畸形的web页面。
该漏洞存在于当shockwave player分析atom size时,不当处理导致代码无限循环。
成功利用能导致cpu 100%,造成拒绝服务攻击。
11.5.2.602 ,11.5.6.606 and prior
厂商补丁:
adobe
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.adobe.com
Related
cve
cve
CVE-2010-1282
2010-05-13 17:30:00
securityvulns
securityvulns
[CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability
2010-05-12 00:00:00
Security update available for Shockwave Player
2010-05-12 00:00:00
Adobe Shockwave multiple security vulnerabilities
2010-05-21 00:00:00
prion
prion
Design/Logic Flaw
2010-05-13 17:30:00
nessus
nessus
Adobe Shockwave Player <= 11.5.6.606 Multiple Vulnerabilities (APSB10-12) (Mac OS X)
2014-12-22 00:00:00
Shockwave Player < 11.5.7.609 Multiple Vulnerabilities (APSB10-12)
2010-05-12 00:00:00
openvas
openvas