Adobe : Security Vulnerabilities, CVEs, Published In May 2010 (Denial of service)
The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
Max CVSS
9.3
EPSS Score
16.25%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1291.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2021-12-16
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.
Max CVSS
9.3
EPSS Score
1.86%
Published
2010-05-13
Updated
2022-02-28
Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record.
Max CVSS
9.3
EPSS Score
15.17%
Published
2010-05-13
Updated
2022-04-05
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file.
Max CVSS
6.5
EPSS Score
3.19%
Published
2010-05-13
Updated
2022-04-05
iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
Max CVSS
9.3
EPSS Score
42.84%
Published
2010-05-13
Updated
2022-09-29
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
Max CVSS
9.3
EPSS Score
7.32%
Published
2010-05-13
Updated
2022-09-16
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file.
Max CVSS
9.3
EPSS Score
4.36%
Published
2010-05-13
Updated
2022-11-03
Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error.
Max CVSS
9.3
EPSS Score
4.17%
Published
2010-05-13
Updated
2022-06-07
Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation.
Max CVSS
9.3
EPSS Score
7.65%
Published
2010-05-13
Updated
2022-04-22
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.
Max CVSS
9.3
EPSS Score
4.36%
Published
2010-05-13
Updated
2022-11-03
15 vulnerabilities found