CVSS: 9.3EPSS: 5%CPEs: 42EXPL: 0CVE-2010-4190 – Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4190
08 Feb 2011 — Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. Adobe Shockwave Player en versiones anteriores a la 11.5.9.620 permite que los ... • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 11%CPEs: 42EXPL: 0CVE-2011-0557 – Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0557
08 Feb 2011 — Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption. Un desbordamiento de enteros en Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes remotos ejecutar código arbitrario por medio de una película Director con un gran valor de conteo en el registro de activos 3D tipo 0xFFFFFF45, q... • http://www.adobe.com/support/security/bulletins/apsb11-01.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 4%CPEs: 42EXPL: 0CVE-2010-4092
https://notcve.org/view.php?id=CVE-2010-4092
05 Nov 2010 — Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de uso de memoria previamente liberada en un componente de compatibilidad no especificado en Shockwave Player de Adobe anterior a versión 11.5.9.620, per... • http://osvdb.org/68982 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 6%CPEs: 41EXPL: 0CVE-2010-2581
https://notcve.org/view.php?id=CVE-2010-2581
29 Oct 2010 — dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director file containing a crafted pamm chunk with an invalid (1) size and (2) number of sub-chunks, a different vulnerability than CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088. La biblioteca dirapi.dll en Shockwave Player de Adobe anterior a versión 11.5.9.615, permite a los atacantes remotos ejecutar código arbitrario o causar una... • http://secunia.com/secunia_research/2010-113 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 41EXPL: 0CVE-2010-4086
https://notcve.org/view.php?id=CVE-2010-4086
29 Oct 2010 — dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4088. La biblioteca dirapi.dll en Shockwave Player de Adobe anterior a versión 11.5.9.615, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción ... • http://www.adobe.com/support/security/bulletins/apsb10-25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 9%CPEs: 41EXPL: 0CVE-2010-2582
https://notcve.org/view.php?id=CVE-2010-2582
29 Oct 2010 — An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code. Una función no especificada en TextXtra.x32 en Shockwave Player de Adobe anterior a versión 11.5.9.615, no reasigna apropiadamente un búfer al procesar un fragmento DEMX en un archivo Director, lo que permite a los atacantes remotos activar un... • http://secunia.com/secunia_research/2010-114 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 41EXPL: 0CVE-2010-4085
https://notcve.org/view.php?id=CVE-2010-4085
29 Oct 2010 — dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, and CVE-2010-4088. dirapi.dll en Adobe Shockwave Player anterior a v11.5.9.615 permite a los atacantes ejecutar código a su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente que... • http://www.adobe.com/support/security/bulletins/apsb10-25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 41EXPL: 0CVE-2010-4089
https://notcve.org/view.php?id=CVE-2010-4089
29 Oct 2010 — IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087. La biblioteca IML32.dll en Shockwave Player de Adobe anterior a versión 11.5.9.615, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de un archivo .dir que contiene "duplicated LC... • http://www.adobe.com/support/security/bulletins/apsb10-25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 41EXPL: 0CVE-2010-4088
https://notcve.org/view.php?id=CVE-2010-4088
29 Oct 2010 — dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with "duplicated references to the same KEY* chunk," a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4086. La biblioteca dirapi.dll en Shockwave Player de Adobe anterior a versión 11.5.9.615, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por m... • http://www.adobe.com/support/security/bulletins/apsb10-25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 41EXPL: 0CVE-2010-4084
https://notcve.org/view.php?id=CVE-2010-4084
29 Oct 2010 — dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088. dirapi.dll en Adobe Shockwave Player anterior a v11.5.9.615 permite a los atacantes ejecutar código a su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente que... • http://www.adobe.com/support/security/bulletins/apsb10-25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •