CVE-2009-3244 – Adobe Shockwave Player 11.5.1.601 - Multiple Code Executions

https://notcve.org/view.php?id=CVE-2009-3244

Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. Un desbordamiento de búfer en la región heap de la memoria en el control ActiveX de la biblioteca SwDir.dll en Shockwave Player de Adobe versiones 11.5.1.601 y anteriores, permite a los atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de un valor de propiedad PlayerVersion largo. • https://www.exploit-db.com/exploits/10093 https://www.exploit-db.com/exploits/9682 http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.exploit-db.com/exploits/9682 http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6530 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •