CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe » Shockwave Player » 11.0.3.471 : Security Vulnerabilities Published In 2011 (Execute Code)

Cpe Name:cpe:/a:adobe:shockwave_player:11.0.3.471
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2011-2449 119 DoS Exec Code Overflow Mem. Corr. 2011-11-08 2012-02-14
10.0
 None Remote Low Not required Complete Complete Complete
The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
2 CVE-2011-2448 119 DoS Exec Code Overflow Mem. Corr. 2011-11-08 2012-02-14
10.0
 None Remote Low Not required Complete Complete Complete
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446.
3 CVE-2011-2447 119 DoS Exec Code Overflow Mem. Corr. 2011-11-08 2012-02-14
10.0
 None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
4 CVE-2011-2446 119 DoS Exec Code Overflow Mem. Corr. 2011-11-08 2012-02-14
10.0
 None Remote Low Not required Complete Complete Complete
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448.
5 CVE-2011-2423 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
6 CVE-2011-2422 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
7 CVE-2011-2421 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file.
8 CVE-2011-2420 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
9 CVE-2011-2419 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
10 CVE-2011-2128 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127.
11 CVE-2011-2127 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.
12 CVE-2011-2126 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
13 CVE-2011-2125 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
14 CVE-2011-2124 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128.
15 CVE-2011-2123 189 Exec Code Overflow 2011-06-16 2011-10-11
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.
16 CVE-2011-2122 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119.
17 CVE-2011-2121 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
18 CVE-2011-2120 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
19 CVE-2011-2119 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122.
20 CVE-2011-2118 20 Exec Code 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."
21 CVE-2011-2117 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.
22 CVE-2011-2116 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115.
23 CVE-2011-2115 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-12
9.3
 None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.
24 CVE-2011-2114 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.
25 CVE-2011-2113 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
26 CVE-2011-2112 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
27 CVE-2011-2111 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.
28 CVE-2011-2109 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
29 CVE-2011-2108 Exec Code 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw."
30 CVE-2011-0569 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-23
9.3
 None Remote Medium Not required Complete Complete Complete
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556.
31 CVE-2011-0557 189 Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption.
32 CVE-2011-0556 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.
33 CVE-2011-0555 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.
34 CVE-2011-0335 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122.
35 CVE-2011-0320 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.
36 CVE-2011-0319 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.
37 CVE-2011-0318 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.
38 CVE-2011-0317 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
 None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.
39 CVE-2010-4309 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4308.
40 CVE-2010-4308 119 DoS Exec Code Overflow Mem. Corr. 2011-08-11 2011-10-04
10.0
 None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4309.
41 CVE-2010-4307 119 Exec Code Overflow 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.
42 CVE-2010-4306 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.
43 CVE-2010-4196 20 Exec Code 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
44 CVE-2010-4195 20 Exec Code 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
45 CVE-2010-4194 20 Exec Code 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
46 CVE-2010-4193 20 Exec Code 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
47 CVE-2010-4192 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306.
48 CVE-2010-4191 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306.
49 CVE-2010-4190 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, wihch causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.
50 CVE-2010-4189 119 DoS Exec Code Overflow Mem. Corr. 2011-02-10 2011-02-17
9.3
 None Remote Medium Not required Complete Complete Complete
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset.
Total number of vulnerabilities : 56   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.