CVSS: 9.3EPSS: 1%CPEs: 43EXPL: 0CVE-2011-2108
https://notcve.org/view.php?id=CVE-2011-2108
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw." Adobe Shockwave Player anterior a v11.6.0.626 permite a los atacantes ejecutar código de su elección a través de vectores no especificados, relacionados con un "error de diseño". • http://osvdb.org/73012 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.securityfocus.com/bid/48311 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68033 •
CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 0CVE-2011-0317
https://notcve.org/view.php?id=CVE-2011-0317
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. Dirapi.dll de Adobe Shockwave Player en versiones anteriores a 11.6.0.626 permite a atacantes remotos ejecutar código arbitrario o provocar una enegación de servicio (corrupción de memoria) a través de vectores sin especificar, una vulnerabilidad distinta a CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119 y CVE-2011-2122. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 43EXPL: 0CVE-2011-2127 – Adobe Shockwave NPAPI Plug-in Drag and Drop Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2127
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128. Adobe Shockwave Player anterior a v11.6.0.626 permite a los atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente de CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, y CVE-2011-2128. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the NPAPI version of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application manages a reference to a COM object. • http://osvdb.org/73032 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.securityfocus.com/bid/48289 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68051 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 0CVE-2011-0318
https://notcve.org/view.php?id=CVE-2011-0318
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. Dirapi.dll en Adobe Shockwave Player anterior a v11.6.0.626, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Vulnerabilidades distintas a CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, y CVE-2011-2122. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 43EXPL: 0CVE-2011-2123
https://notcve.org/view.php?id=CVE-2011-2123
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow. Un desbordamiento de enteros en el componente Shockwave 3D Asset (32 bits) en Adobe Shockwave Player anterior a versión 11.6.0.626, permite que los atacantes remotos ejecuten código arbitrario por medio de un subregistro especialmente diseñado en un fragmento DEMX, lo que desencadena un desbordamiento de búfer en la región heap de la memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=922 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-189: Numeric Errors •