Vulnerabilities > Adobe > Shockwave Player > 9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-25 | CVE-2009-1860 | Remote Code Execution vulnerability in Adobe Shockwave Player Director File Parsing Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | 9.3 |
| 2007-10-08 | CVE-2007-5275 | Improper Input Validation vulnerability in Adobe Shockwave Player 9 The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. | 5.0 |