Page 29 of 173 results (0.003 seconds)

CVSS: 9.3EPSS: 39%CPEs: 40EXPL: 0

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida adecuadamente los valores asociados con el cálculo del tamaño de búfer para un registro 0xFFFFFFF8 en archivos (1) .dir o (2) .dcr de una película de Director, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica -heap-) o ejecutar código de su elección a través de una película manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing .dir and .dcr files. The director file format is RIFF based. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513312/100/0/threaded http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-164 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11805 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 25%CPEs: 40EXPL: 0

Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie. Desbordamiento de entero en la funcionalidad 3D en Adobe Shockwave Player anterior a 11.5.8.612, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica -heap-) o la ejecución de código de su elección a través de un tamaño con un valor manipulado en un registro 0xFFFFFF45 RIFF en una película de Director. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support for 3D objects. While parsing the 0xFFFFFF45 RIFF record type, the process performs arithmetic on a size value and uses the result for a heap-based allocation. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513305/100/0/threaded http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11970 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 13%CPEs: 40EXPL: 0

Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear whether this issue is related to use of an uninitialized pointer, an incorrect pointer offset calculation, or both. Vulnerabilidad sin especificar en Adobe Shockwave Player anterior a v11.5.8.612 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos que desencadenan una corrupción de memoria. NOTA: debido al conflicto de información y uso del mismo identificador CVE por el fabricante, ZDI y TippingPoint, no está claro si este problema está relacionado con el uso de un puntero sin inicializar, un cálculo de desplazamiento de puntero incorrecto o ambos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11924 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 39%CPEs: 40EXPL: 0

Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida correctamente valores de offset (desplazamiento de pedazo) en el rcsL RIFF manipulado de (1) .DIR y (2) películas .DCR de Director, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) o ejecutar código de su elección a través de una película manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the rcsL RIFF chunk within director files of extension DIR or DCR. While parsing this undocumented structure, the application blindly trusts an offset value and uses it while operating on heap memory. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513307/100/0/threaded http://www.securityfocus.com/bid/42682 http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12042 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 1%CPEs: 23EXPL: 0

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. Adobe Shockwave Player en versiones anteriores a la 11.5.7.609 permite a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código de su elección mediante vectores no especificados, una vulnerabilidad diferente a CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. • http://secunia.com/advisories/38751 http://www.adobe.com/support/security/bulletins/apsb10-12.html http://www.securityfocus.com/bid/40091 http://www.vupen.com/english/advisories/2010/1128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •