
CVSS: 9.3 • EPSS: 15% • CPEs: 40 • EXPL: 0

DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x47 of a certain file.

• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513331/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12012

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.3 • EPSS: 8% • CPEs: 40 • EXPL: 0

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-12
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513300/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11998

CWE-189: Numeric Errors

CVSS: 9.3 • EPSS: 16% • CPEs: 40 • EXPL: 0

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-10
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513298/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11883

CWE-20: Improper Input Validation

CVSS: 9.3 • EPSS: 16% • CPEs: 40 • EXPL: 0

Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to IML32X.dll and DIRAPIX.dll.

• http://dvlabs.tippingpoint.com/advisory/TPTI-10-09
• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513296/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11895

CWE-20: Improper Input Validation

CVSS: 10.0 • EPSS: 17% • CPEs: 40 • EXPL: 0

Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support for 3D objects. While parsing the 0xFFFFFF45 RIFF record type, the process performs arithmetic on a size value and uses the result for a heap-based allocation.

• http://www.adobe.com/support/security/bulletins/apsb10-20.html
• http://www.securityfocus.com/archive/1/513305/100/0/threaded
• http://www.securitytracker.com/id?1024361
• http://www.vupen.com/english/advisories/2010/2176
• http://www.zerodayinitiative.com/advisories/ZDI-10-160
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11970

CWE-189: Numeric Errors