CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3464
https://notcve.org/view.php?id=CVE-2009-3464
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3465. NOTE: some of these details are obtained from third party information. Adobe Shockwave Player anerior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través un contenido Shockwave manipulado en una página web. Relacionado con la "vulnerabilidad de puntero inválido. Cuestión distinta de CVE-2009-3465. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6394 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3463
https://notcve.org/view.php?id=CVE-2009-3463
Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. Error de indexación de array en Adobe Shockwave Player anterior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través de un contenido Shockwave manipulado en un sitios web. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5677 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 14EXPL: 0CVE-2009-3465
https://notcve.org/view.php?id=CVE-2009-3465
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. NOTE: some of these details are obtained from third party information. Adobe Shockwave Player anerior a v11.5.2.602, permite a atacantes remotos ejecutar código de su elección a través un contenido Shockwave manipulado en una página web. Relacionado con la "vulnerabilidad de puntero inválido. Cuestión distinta de CVE-2009-3464. • http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://exchange.xforce.ibmcloud.com/vulnerabilities/54120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5722 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 84%CPEs: 41EXPL: 3CVE-2009-3244 – Adobe Shockwave Player 11.5.1.601 - Multiple Code Executions
https://notcve.org/view.php?id=CVE-2009-3244
Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. Un desbordamiento de búfer en la región heap de la memoria en el control ActiveX de la biblioteca SwDir.dll en Shockwave Player de Adobe versiones 11.5.1.601 y anteriores, permite a los atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de un valor de propiedad PlayerVersion largo. • https://www.exploit-db.com/exploits/10093 https://www.exploit-db.com/exploits/9682 http://securitytracker.com/id?1023123 http://www.adobe.com/support/security/bulletins/apsb09-16.html http://www.exploit-db.com/exploits/9682 http://www.securityfocus.com/bid/36905 http://www.vupen.com/english/advisories/2009/3134 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6530 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 12EXPL: 0CVE-2009-1860 – Adobe Shockwave Player Director File Parsing Pointer Overwrite Vulnerability
https://notcve.org/view.php?id=CVE-2009-1860
Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. Vulnerabilidad sin especificar en Adobe Shockwave Player anterior a v11.5.0.600 permite a atacantes remotos ejecutar código de su elección a través de contenido Shockwave Player 10 manipulado. This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. • http://secunia.com/advisories/35544 http://www.adobe.com/support/security/bulletins/apsb09-08.html http://www.securityfocus.com/bid/35469 http://www.securitytracker.com/id?1022440 •