CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3464
https://notcve.org/view.php?id=CVE-2009-3464
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3465. NOTE: some of these details are obtained from third party information. Adobe Shockwave Player anerior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través un contenido Shockwave manipulado en una página web. Relacionado con la "vulnerabilidad de puntero inválido. Cuestión distinta de CVE-2009-3465. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6394 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3465
https://notcve.org/view.php?id=CVE-2009-3465
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. NOTE: some of these details are obtained from third party information. Adobe Shockwave Player anerior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través un contenido Shockwave manipulado en una página web. Relacionado con la "vulnerabilidad de puntero inválido. Cuestión distinta de CVE-2009-3464. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5722 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3463
https://notcve.org/view.php?id=CVE-2009-3463
Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. Error de indexación de array en Adobe Shockwave Player anterior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través de un contenido Shockwave manipulado en un sitios web. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5677 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 84%CPEs: 41EXPL: 3CVE-2009-3244 – Adobe Shockwave Player 11.5.1.601 - Multiple Code Executions
https://notcve.org/view.php?id=CVE-2009-3244
Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. Un desbordamiento de búfer en la región heap de la memoria en el control ActiveX de la biblioteca SwDir.dll en Shockwave Player de Adobe versiones 11.5.1.601 y anteriores, permite a los atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de un valor de propiedad PlayerVersion largo. • https://www.exploit-db.com/exploits/10093 https://www.exploit-db.com/exploits/9682 http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.exploit-db.com/exploits/9682 http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6530 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2009-2186
https://notcve.org/view.php?id=CVE-2009-2186
Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave Player 11.0.0.465." Una vulnerabilidad no especificada en Adobe Shockwave Player anterior a la versión 11.0.0.465 permite que los atacantes remotos ejecuten código arbitrario por medio de vectores desconocidos, una vulnerabilidad diferente de CVE-2009-1860, relacionada con un problema anterior que "was previously resolved in Shockwave Player 11.0.0.465." • http://www.adobe.com/support/security/bulletins/apsb09-08.html •