Page 11 of 173 results (0.013 seconds)

CVSS: 9.8EPSS: 13%CPEs: 42EXPL: 0

10 Feb 2011 — The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. El módulo TextXtra en Adobe Shockwave Player anterior a v11.5.9.620 no valida correctamente la entrada de datos no especificados, que permite a los atacantes ejecutar código de su elección a través de vectores desconocidos. • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 13%CPEs: 42EXPL: 0

10 Feb 2011 — The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. El módulo dirapi.dll en Adobe Shockwave Player anterior a v11.5.9.620 no valida de forma adecuada datos de entrada no especificada, lo que permite a atacantes a ejecutar código de a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 8%CPEs: 42EXPL: 0

10 Feb 2011 — Integer overflow in the dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de enteros en el módulo dirapi.dll en Adobe Shockwave Player anterior a v11.5.9.620 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-189: Numeric Errors •

CVSS: 9.8EPSS: 5%CPEs: 42EXPL: 0

10 Feb 2011 — The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556. El módulo Font Xtra.x32 en Adobe Shockwave Player anterior a 11.5.9.620 permite a los atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a ... • http://dvlabs.tippingpoint.com/advisory/TPTI-11-05 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 13%CPEs: 42EXPL: 0

10 Feb 2011 — The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. El módulo Shockwave 3d Asset de Adobe Shockwave Player en versiones anteriores a la 11.5.9.620 no valida apropiadamente datos de entrada sin especificar, lo que permite a atacantes ejecutar código de su elección a través de vectores desconocidos. • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 4%CPEs: 42EXPL: 0

10 Feb 2011 — The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569. El módulo Font Xtra.x32 en Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por me... • http://dvlabs.tippingpoint.com/advisory/TPTI-11-03 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 4%CPEs: 42EXPL: 0

10 Feb 2011 — The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset. El módulo IML32 de Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de una película Director qu... • http://dvlabs.tippingpoint.com/advisory/TPTI-11-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 9%CPEs: 42EXPL: 0

09 Feb 2011 — The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. El módulo TextXtra.x32 de Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes remotos ejecut... • http://dvlabs.tippingpoint.com/advisory/TPTI-11-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 7%CPEs: 42EXPL: 0

09 Feb 2011 — The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588. El módulo dirapi.dll de Shockwave Player de Adobe anterior a versión 11.5.9.620, ... • http://dvlabs.tippingpoint.com/advisory/TPTI-11-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 11%CPEs: 42EXPL: 0

08 Feb 2011 — Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption. Un desbordamiento de enteros en Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes remotos ejecutar código arbitrario por medio de una película Director con un gran valor de conteo en el registro de activos 3D tipo 0xFFFFFF45, q... • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-189: Numeric Errors •