CVSS: 9.8EPSS: 7%CPEs: 12EXPL: 0CVE-2009-1860 – Adobe Shockwave Player Director File Parsing Pointer Overwrite Vulnerability
https://notcve.org/view.php?id=CVE-2009-1860
24 Jun 2009 — Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. Vulnerabilidad sin especificar en Adobe Shockwave Player anterior a v11.5.0.600 permite a atacantes remotos ejecutar código de su elección a través de contenido Shockwave Player 10 manipulado. This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a use... • http://secunia.com/advisories/35544 •
CVSS: 9.1EPSS: 37%CPEs: 1EXPL: 0CVE-2007-5275 – Flash plugin DNS rebinding
https://notcve.org/view.php?id=CVE-2007-5275
08 Oct 2007 — The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. La extensión Adobe Macromedia Flash... • http://crypto.stanford.edu/dns/dns-rebinding.pdf • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 37%CPEs: 9EXPL: 0CVE-2005-3525 – Adobe Macromedia ShockWave Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2005-3525
31 Dec 2005 — Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Macromedia Shockwave. Exploitation requires the target to visit a malicious web site. This specific flaw exists within the ActiveX control with CLSID 166B1BCA-3F9C-11CF-8075-4... • http://secunia.com/advisories/19009 •