High severity8.8NVD Advisory· Published May 13, 2010· Updated Jun 16, 2026
CVE-2010-1280
CVE-2010-1280
Description
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*range: <11.5.7.609
- (no CPE)range: <11.5.7.609
Patches
Vulnerability mechanics
References
8- www.adobe.com/support/security/bulletins/apsb10-12.htmlnvdPatchVendor Advisory
- www.zeroscience.mk/codes/shockwave_mem.txtnvdExploitThird Party Advisory
- www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.phpnvdExploitThird Party Advisory
- secunia.com/advisories/38751nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2010/1128nvdBroken LinkVendor Advisory
- archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.htmlnvdBroken Link
- www.securityfocus.com/archive/1/511257/100/0/threadednvdBroken LinkVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7184nvdTool Signature
News mentions
0No linked articles in our index yet.