CVSS: 10.0EPSS: 35%CPEs: 40EXPL: 0CVE-2010-2873 – Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2873
Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida correctamente valores de offset (desplazamiento de pedazo) en el rcsL RIFF manipulado de (1) .DIR y (2) películas .DCR de Director, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) o ejecutar código de su elección a través de una película manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the rcsL RIFF chunk within director files of extension DIR or DCR. While parsing this undocumented structure, the application blindly trusts an offset value and uses it while operating on heap memory. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513307/100/0/threaded http://www.securityfocus.com/bid/42682 http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12042 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 13%CPEs: 40EXPL: 0CVE-2010-2874 – Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2874
Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear whether this issue is related to use of an uninitialized pointer, an incorrect pointer offset calculation, or both. Vulnerabilidad sin especificar en Adobe Shockwave Player anterior a v11.5.8.612 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos que desencadenan una corrupción de memoria. NOTA: debido al conflicto de información y uso del mismo identificador CVE por el fabricante, ZDI y TippingPoint, no está claro si este problema está relacionado con el uso de un puntero sin inicializar, un cálculo de desplazamiento de puntero incorrecto o ambos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11924 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 35%CPEs: 40EXPL: 0CVE-2010-2876 – Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2876
Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida adecuadamente los valores asociados con el cálculo del tamaño de búfer para un registro 0xFFFFFFF8 en archivos (1) .dir o (2) .dcr de una película de Director, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica -heap-) o ejecutar código de su elección a través de una película manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing .dir and .dcr files. The director file format is RIFF based. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513312/100/0/threaded http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-164 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11805 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 35%CPEs: 40EXPL: 0CVE-2010-2872 – Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2872
Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF chunk in a Director movie, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted movie. Adobe Shockwave Player anterior a v11.5.8.612 no valida correctamente un valor de desplazamiento en el fragmento pami RIFF en una película Director, el cual puede permitir a atacantes remotos producir una denegación de servicio (corrupción de memoria) o ejecutar código arbitrario mediante una película manipulada This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing Director files. When the application parses the pami RIFF chunk, it trusts an offset value and seeks into the file data. If provided with signed values in the data at the given offset, the process can be made to incorrectly calculate a pointer and operate on the data at it's location. • http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.securityfocus.com/archive/1/513306/100/0/threaded http://www.securitytracker.com/id?1024361 http://www.vupen.com/english/advisories/2010/2176 http://www.zerodayinitiative.com/advisories/ZDI-10-161 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11889 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 23EXPL: 0CVE-2010-1286
https://notcve.org/view.php?id=CVE-2010-1286
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. Adobe Shockwave Player en versiones anteriores a la 11.5.7.609 permite a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código de su elección mediante vectores no especificados, una vulnerabilidad diferente a CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. • http://secunia.com/advisories/38751 http://www.adobe.com/support/security/bulletins/apsb10-12.html http://www.vupen.com/english/advisories/2010/1128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7269 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •