Vulnerabilities > Adobe > Shockwave Player > 11.5.8.612
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-10-29 | CVE-2010-3655 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2010-10-29 | CVE-2010-2582 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code. | 9.3 |
| 2010-10-29 | CVE-2010-2581 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director file containing a crafted pamm chunk with an invalid (1) size and (2) number of sub-chunks, a different vulnerability than CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088. | 9.3 |
| 2010-10-26 | CVE-2010-3653 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. | 9.3 |
| 2009-09-18 | CVE-2009-3244 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | 9.3 |