Vulnerabilities > Adobe > Shockwave Player > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-14 | CVE-2017-2983 | Untrusted Search Path vulnerability in Adobe Shockwave Player Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. | 6.8 |
| 2010-08-26 | CVE-2010-2865 | Denial-Of-Service vulnerability in Shockwave Player Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service via unknown vectors. | 5.0 |
| 2010-05-13 | CVE-2010-1282 | Infinite Loop vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file. | 4.3 |
| 2007-10-08 | CVE-2007-5275 | Improper Input Validation vulnerability in Adobe Shockwave Player 9 The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. | 5.0 |