CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 0CVE-2011-2116
https://notcve.org/view.php?id=CVE-2011-2116
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115. IML32.dll en Adobe Shockwave Player en versiones anteriores a v11.6.0.626 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria ) a través de vectores no especificados, una vulnerabilidad diferente a CVE -2011- 2111 y CVE- 2011 - 2115. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 43EXPL: 0CVE-2011-2122
https://notcve.org/view.php?id=CVE-2011-2122
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119. En la biblioteca Dirapi.dll en Adobe Shockwave Player anterior a versión 11.6.0.626 permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de vectores no especificados relacionados con subestructuras rcsL, una vulnerabilidad diferente de CVE-2011-0317, CVE-2011-0318 , CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, y CVE-2011-2119. • http://osvdb.org/73029 http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.securityfocus.com/archive/1/518439/100/0/threaded http://www.securityfocus.com/bid/48297 http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 11%CPEs: 43EXPL: 0CVE-2011-2114 – Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2114
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. Adobe Shockwave Player anterior a v11.6.0.626 permite a los atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente de CVE-2011-2117, CVE-2011-2124, CVE-2011-2127 y CVE-2011-2128. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 43EXPL: 0CVE-2011-2113 – Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2113
Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en el componente Shockwave3DAsset en Adobe Shockwave Player anterior a v11.6.0.626, permite a atacantes ejecutar código de su elección a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 11%CPEs: 43EXPL: 0CVE-2011-0335 – Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0335
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122. Dirapi.dll en Adobe Shockwave Player antes de v11.6.0.626 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria ) a través de vectores no especificados, una vulnerabilidad diferente a CVE -2011- 0317, CVE -2011- 0318, CVE -2011- 0319, CVE -2011- 0320, CVE -2011- 2119, CVE- 2011 y 2122. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the RIFF-based Director (.dir) files. When handling an undocumented substructure, the code within dirapi.dll can be forced to incorrectly calculate a destination pointer if it encounters certain 1-byte opcodes within the .dir file. • http://www.adobe.com/support/security/bulletins/apsb11-17.html http://www.us-cert.gov/cas/techalerts/TA11-166A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •