Page 17 of 175 results (0.008 seconds)

CVSS: 9.3EPSS: 4%CPEs: 43EXPL: 0

Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow. Un desbordamiento de enteros en el componente Shockwave 3D Asset (32 bits) en Adobe Shockwave Player anterior a versión 11.6.0.626, permite que los atacantes remotos ejecuten código arbitrario por medio de un subregistro especialmente diseñado en un fragmento DEMX, lo que desencadena un desbordamiento de búfer en la región heap de la memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=922 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 0

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115. IML32.dll en Adobe Shockwave Player en versiones anteriores a v11.6.0.626 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria ) a través de vectores no especificados, una vulnerabilidad diferente a CVE -2011- 2111 y CVE- 2011 - 2115. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 43EXPL: 0

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119. En la biblioteca Dirapi.dll en Adobe Shockwave Player anterior a versión 11.6.0.626 permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de vectores no especificados relacionados con subestructuras rcsL, una vulnerabilidad diferente de CVE-2011-0317, CVE-2011-0318 , CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, y CVE-2011-2119. • http://osvdb.org/73029 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.securityfocus.com/archive/1/518439/100/0/threaded http://www.securityfocus.com/bid/48297 http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 15%CPEs: 43EXPL: 0

Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. Adobe Shockwave Player anterior a v11.6.0.626 permite a los atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente de CVE-2011-2117, CVE-2011-2124, CVE-2011-2127 y CVE-2011-2128. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 43EXPL: 0

Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en el componente Shockwave3DAsset en Adobe Shockwave Player anterior a v11.6.0.626, permite a atacantes ejecutar código de su elección a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •