Vulnerabilities > Adobe > Shockwave Player > 11.5.0.596
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-05-13 | CVE-2010-0128 | Out-of-bounds Write vulnerability in Adobe Director and Shockwave Player Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation. | 9.3 |
2010-05-13 | CVE-2010-0127 | Out-of-bounds Write vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file. | 8.8 |
2010-01-21 | CVE-2009-4003 | Numeric Errors vulnerability in Adobe Shockwave Player Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | 9.3 |
2010-01-21 | CVE-2009-4002 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file. | 9.3 |
2009-11-04 | CVE-2009-3466 | Resource Management Errors vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability." NOTE: some of these details are obtained from third party information. | 9.3 |
2009-11-04 | CVE-2009-3465 | Code Injection vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. | 9.3 |
2009-11-04 | CVE-2009-3464 | Code Injection vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3465. | 9.3 |
2009-11-04 | CVE-2009-3463 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. | 9.3 |
2009-09-18 | CVE-2009-3244 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | 9.3 |
2009-06-25 | CVE-2009-1860 | Remote Code Execution vulnerability in Adobe Shockwave Player Director File Parsing Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | 9.3 |