CVE-2010-4190 – Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4190
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. Adobe Shockwave Player en versiones anteriores a la 11.5.9.620 permite que los atacantes ejecuten código arbitrario o provoquen una denegación de servicio (corrupción de memoria) mediante una película Director con un fragmento RIFF CSWV que provoca un cálculo incorrecto de un desplazamiento para una subestructura, lo que provoca un "seek" fuera de límites de la memoria dinámica (heap). Esta vulnerabilidad es diferente de CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192 y CVE-2010-4306. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing substructures referenced by the CSWV RIFF chunk. • http://www.adobe.com/support/security/bulletins/apsb11-01.html http://www.securityfocus.com/archive/1/516324/100/0/threaded http://www.securityfocus.com/bid/46324 http://www.securitytracker.com/id?1025056 http://www.vupen.com/english/advisories/2011/0335 http://www.zerodayinitiative.com/advisories/ZDI-11-080 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-4192 – Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4192
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306. Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de una película Director con un registro de tipo 0xFFFFFF88 de activos 3D especialmente diseñados que desencadenan una asignación de memoria incorrecta, una vulnerabilidad diferente de CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191 y CVE-2010-4306. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D assets within a director movie. The routine responsible for parsing 3D record type 0xFFFFFF88 does not properly validate multiple fields within the structure. • http://www.adobe.com/support/security/bulletins/apsb11-01.html http://www.securityfocus.com/archive/1/516322/100/0/threaded http://www.securityfocus.com/bid/46326 http://www.securitytracker.com/id?1025056 http://www.vupen.com/english/advisories/2011/0335 http://www.zerodayinitiative.com/advisories/ZDI-11-078 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0557 – Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0557
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption. Un desbordamiento de enteros en Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes remotos ejecutar código arbitrario por medio de una película Director con un gran valor de conteo en el registro de activos 3D tipo 0xFFFFFF45, que desencadena un "faulty allocation" y la corrupción de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D assets within a director movie. The routine responsible for parsing 3D record type 0xFFFFFF45 does not properly validate a count field within the structure. • http://www.adobe.com/support/security/bulletins/apsb11-01.html http://www.securityfocus.com/archive/1/516323/100/0/threaded http://www.securityfocus.com/bid/46330 http://www.securitytracker.com/id?1025056 http://www.vupen.com/english/advisories/2011/0335 https://exchange.xforce.ibmcloud.com/vulnerabilities/65259 • CWE-189: Numeric Errors •
CVE-2010-4092
https://notcve.org/view.php?id=CVE-2010-4092
Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de uso de memoria previamente liberada en un componente de compatibilidad no especificado en Shockwave Player de Adobe anterior a versión 11.5.9.620, permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un sitio web especialmente diseñado, relacionado con la ventana Configuración de Shockwave y una biblioteca descargada. NOTA: algunos de estos datos se obtienen de la información de terceros. • http://osvdb.org/68982 http://secunia.com/advisories/42112 http://www.adobe.com/support/security/bulletins/apsb11-01.html http://www.securityfocus.com/bid/44617 http://www.securitytracker.com/id?1025056 http://www.vupen.com/english/advisories/2011/0335 https://exchange.xforce.ibmcloud.com/vulnerabilities/62978 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11548 • CWE-399: Resource Management Errors •
CVE-2010-4085
https://notcve.org/view.php?id=CVE-2010-4085
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, and CVE-2010-4088. dirapi.dll en Adobe Shockwave Player anterior a v11.5.9.615 permite a los atacantes ejecutar código a su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente que CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, y CVE-2010-4088. • http://www.adobe.com/support/security/bulletins/apsb10-25.html http://www.securitytracker.com/id?1024664 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11518 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •