Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-10-088
HistoryMay 11, 2010 - 12:00 a.m.

Adobe Shockwave Player 0xFFFFFF49 Record Parsing Remote Code Execution Vulnerability

2010-05-1100:00:00
Anonymous
www.zerodayinitiative.com
6

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.152 Low

EPSS

Percentile

95.8%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the code responsible for parsing 3D objects defined inside Director files. These files are essentially RIFF-based, but stored in big endian format. An undocumented 4-byte field within record type 0xFFFFFF49 can be modified to cause corruption of heap memory. This corruption can be used to modify function pointers and achieve remote code execution under the context of the user running the browser.

Related

cve 1
prion 1
securityvulns 4
openvas 2
nessus 2
checkpoint_advisories 1
cve
cve
CVE-2010-1283
2010-05-13 17:30:00
prion
prion
Memory corruption
2010-05-13 17:30:00
securityvulns
securityvulns
ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability
2010-05-12 00:00:00
VUPEN Security Research - Adobe Shockwave 3D Blocks Field Code Execution Vulnerability (CVE-2010-1283)
2010-05-13 00:00:00
Security update available for Shockwave Player
2010-05-12 00:00:00
openvas
openvas
Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities May-10
2010-05-19 00:00:00
Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities (May 2010)
2010-05-19 00:00:00
nessus
nessus
Shockwave Player < 11.5.7.609 Multiple Vulnerabilities (APSB10-12)
2010-05-12 00:00:00
Adobe Shockwave Player <= 11.5.6.606 Multiple Vulnerabilities (APSB10-12) (Mac OS X)
2014-12-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Director Files (CVE-2010-0127; CVE-2010-0128; CVE-2010-0129; CVE-2010-0130; CVE-2010-0986; CVE-2010-0987; CVE-2010-1280; CVE-2010-1281; CVE-2010-1282; CVE-2010-1283; CVE-2010-1284; CVE-2010-1286; CVE-2010-1287; CVE-2010-1288; CVE-2010-1289; CVE-2010-1290; CVE-2010-1291; CVE-2010-1292)
2010-05-17 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.152 Low

EPSS

Percentile

95.8%

JSON
Related for ZDI-10-088
cve1prion1securityvulns4openvas2nessus2checkpoint_advisories1