CVSS: 9.8EPSS: 8%CPEs: 40EXPL: 0CVE-2010-2880
https://notcve.org/view.php?id=CVE-2010-2880
26 Aug 2010 — DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x47 of a certain file. DIRAPI.dll en Adobe Shockwave Player anterior a v11.5.8.612 no parsea adecuadamente archivos .dir, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecuta... • http://www.adobe.com/support/security/bulletins/apsb10-20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 11%CPEs: 40EXPL: 0CVE-2010-2875
https://notcve.org/view.php?id=CVE-2010-2875
26 Aug 2010 — Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie. Error en entero de signo en Adobe Shockwave Player anterior a v11.5.8.612 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecutar código arbitrario mediante un valor de longitud asociados con el trozo TSAC en una película Director... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=878 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 13%CPEs: 40EXPL: 0CVE-2010-2878
https://notcve.org/view.php?id=CVE-2010-2878
26 Aug 2010 — DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. DIRAPIX.dll en Adobe Shockwave Player anterior a v11.5.8.612 no valida adecuadamente los valores asociados al búfer de búsqueda de una película de Director, lo que permite a atacantes remotos provocar una denegación de servicio (corrupció... • http://dvlabs.tippingpoint.com/advisory/TPTI-10-10 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 8%CPEs: 40EXPL: 0CVE-2010-2867
https://notcve.org/view.php?id=CVE-2010-2867
26 Aug 2010 — DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to a "pointer offset vulnerability." DIRAPIX.dll en Adobe Shockwave Player anterior a v11.5.8.612 no maneja correctamente un determinado valor de retorno asociado con el fragmento rcsl en una película Director, el cua... • http://dvlabs.tippingpoint.com/advisory/TPTI-10-14 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 40EXPL: 0CVE-2010-2868
https://notcve.org/view.php?id=CVE-2010-2868
26 Aug 2010 — IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x320D of a certain file. IML32.dll en Adobe Shockwave Player anterior a v11.5.8.612 no parsea adecuadamente archivos .dir, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o ... • http://www.adobe.com/support/security/bulletins/apsb10-20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 13%CPEs: 40EXPL: 0CVE-2010-2877
https://notcve.org/view.php?id=CVE-2010-2877
26 Aug 2010 — Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to IML32X.dll and DIRAPIX.dll. Adobe Shockwave Player anterior a v11.5.8.612 no valida correctamente un valor de contador en una película de Director, lo cual permite a atacantes remotos provocar una denegación de servicio (corrupción en la pila de memoria) o ejecutar c... • http://dvlabs.tippingpoint.com/advisory/TPTI-10-09 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 17%CPEs: 40EXPL: 0CVE-2010-2879
https://notcve.org/view.php?id=CVE-2010-2879
26 Aug 2010 — Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file. Múltiples desbordamientos de entero en el asignador del módulo TextXtra.x32 de Adobe Shockwave Player anterior a v11.5.8.612 permiten a atacantes remotos provocar una denegación de servicio (corrupción en la pila de memoria) ... • http://dvlabs.tippingpoint.com/advisory/TPTI-10-12 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 9%CPEs: 40EXPL: 0CVE-2010-2863
https://notcve.org/view.php?id=CVE-2010-2863
26 Aug 2010 — Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. Adobe Shockwave Player anterior a v11.5.8.612 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente la ejecución de código de su elección a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb10-20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 40EXPL: 0CVE-2010-2869
https://notcve.org/view.php?id=CVE-2010-2869
26 Aug 2010 — IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3712 of a certain file. IML32.dll en Adobe Shockwave Player anterior a v11.5.8.612, no valida adecuadamente los archivos .dir, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinám... • http://www.adobe.com/support/security/bulletins/apsb10-20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 11%CPEs: 40EXPL: 0CVE-2010-2873 – Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2873
24 Aug 2010 — Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida correctamente valores de offset (desplazamiento de pedazo) en el rcsL RIFF manipulado de (1) .DIR y (2) películas .DCR de Director, lo que permite a atacantes remotos provocar u... • http://www.adobe.com/support/security/bulletins/apsb10-20.html • CWE-20: Improper Input Validation •