Shockwave
by Macromedia
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-1403 | 0.05 | — | 0.29 | Mar 10, 2007 | Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)… | |||
| CVE-2006-6885 | 0.04 | — | 0.07 | Dec 31, 2006 | An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. | |||
| CVE-2002-1467 | 0.00 | — | 0.02 | Apr 22, 2003 | Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | |||
| CVE-1999-1526 | 0.00 | — | 0.01 | Mar 11, 1999 | Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. | |||
| CVE-1999-1525 | 0.00 | — | 0.01 | Mar 14, 1997 | Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. |
- CVE-2007-1403Mar 10, 2007risk 0.05cvss —epss 0.29
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)…
- CVE-2006-6885Dec 31, 2006risk 0.04cvss —epss 0.07
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
- CVE-2002-1467Apr 22, 2003risk 0.00cvss —epss 0.02
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
- CVE-1999-1526Mar 11, 1999risk 0.00cvss —epss 0.01
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.
- CVE-1999-1525Mar 14, 1997risk 0.00cvss —epss 0.01
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.