Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2010-05-13 CVE-2010-1283 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-1281 Out-of-bounds Write vulnerability in Adobe Shockwave Player
iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-1280 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-0987 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-0986 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-0130 Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player
Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted .dir (aka Director) file.
network
low complexity
adobe CWE-190
8.8
2010-05-13 CVE-2010-0129 Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player
Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error.
network
low complexity
adobe CWE-190
8.8
2010-05-13 CVE-2010-0127 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.
network
low complexity
adobe CWE-787
8.8
2010-02-22 CVE-2010-0188 Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
local
low complexity
adobe
7.8
2010-01-21 CVE-2010-0378 Use After Free vulnerability in Adobe Flash Player 6.0.79
Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
network
low complexity
adobe CWE-416
8.8