
CVSS: 9.3 | EPSS: 17% | CPEs: 40 | EXPL: 0

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C0 of a certain file.

• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513328/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11614
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.3 | EPSS: 9% | CPEs: 40 | EXPL: 0

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-12
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513300/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11998
• CWE-189: Numeric Errors

CVSS: 9.3 | EPSS: 18% | CPEs: 40 | EXPL: 0

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-10
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513298/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11883
• CWE-20: Improper Input Validation

CVSS: 9.3 | EPSS: 18% | CPEs: 40 | EXPL: 0

Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to IML32X.dll and DIRAPIX.dll.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-09
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513296/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11895
• CWE-20: Improper Input Validation

CVSS: 10.0 | EPSS: 39% | CPEs: 40 | EXPL: 0

Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF chunk in a Director movie, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted movie.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing Director files. When the application parses the pami RIFF chunk, it trusts an offset value and seeks into the file data. If provided with signed values in the data at the given offset, the process can be made to incorrectly calculate a pointer and operate on the data at its location.

• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513306/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• http://www.zerodayinitiative.com/advisories/ZDI-10-161
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11889
• CWE-20: Improper Input Validation