Vulnerabilities > Adobe
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-13 | CVE-2010-1293 | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-05-13 | CVE-2010-1292 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Shockwave Player The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file. | 9.3 |
| 2010-05-13 | CVE-2010-1283 | Out-of-bounds Write vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record. | 9.3 |
| 2010-05-13 | CVE-2010-1282 | Infinite Loop vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file. | 4.3 |
| 2010-05-13 | CVE-2010-1281 | Out-of-bounds Write vulnerability in Adobe Shockwave Player iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file. | 8.8 |
| 2010-05-13 | CVE-2010-1280 | Out-of-bounds Write vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file. | 9.3 |
| 2010-05-13 | CVE-2010-0987 | Out-of-bounds Write vulnerability in Adobe Shockwave Player Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file. | 8.8 |
| 2010-05-13 | CVE-2010-0986 | Out-of-bounds Write vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file. | 8.8 |
| 2010-05-13 | CVE-2010-0130 | Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted .dir (aka Director) file. | 8.8 |
| 2010-05-13 | CVE-2010-0129 | Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error. | 9.3 |