4 results (0.014 seconds)

CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0

An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. Se ha descubierto un problema en Adobe Shockwave 12.2.9.199 y anteriores. Existe una vulnerabilidad de corrupción de memoria explotable. • http://www.securityfocus.com/bid/101836 http://www.securitytracker.com/id/1039784 https://helpx.adobe.com/security/products/shockwave/apsb17-40.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 92%CPEs: 1EXPL: 1

Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885. Múltiples desbordamientos de búfer basado en pila en un control ActiveX en SwDir.dll 10.1.4.20 en Macromedia Shockwave permite a atacantes remotos provocar denegación de servicio (caida de Internet Explorer 7) y posiblemente ejecutar código de su elección a través de valores característicos de (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, o (6) DrawProgress, vectores diferentes que CVE-2006-6885. • https://www.exploit-db.com/exploits/3421 http://osvdb.org/36005 http://www.securityfocus.com/bid/22842 •

CVSS: 4.3EPSS: 15%CPEs: 1EXPL: 1

An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. Un control ActiveX en SwDir.dll en Macromedia Shockwave 10 permite a un atacante remoto provocar denegación de servicio (caida de Internet Explorer 7) a través de una cadena en el atributo swURL. • https://www.exploit-db.com/exploits/3042 http://www.securityfocus.com/bid/22067 https://exchange.xforce.ibmcloud.com/vulnerabilities/31160 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1

Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). Macromedia Flash Plugin anteriores a 6.0.47 permite a atacantes remotos saltarse las restricciones de mismo dominio y leer ficheros arbitrarios mediante Una redirección HTTP Una base "file://" en un documento web una URL relativa de una archivo web (fichero.mht) • http://online.securityfocus.com/archive/1/286625 http://www.iss.net/security_center/static/9797.php http://www.macromedia.com/v1/handlers/index.cfm?ID=23294 http://www.securityfocus.com/bid/5429 https://access.redhat.com/security/cve/CVE-2002-1467 https://bugzilla.redhat.com/show_bug.cgi?id=1616916 •