VYPR

Shockwave

by Macromedia

CVEs (5)

  • CVE-2007-1403Mar 10, 2007
    risk 0.05cvss epss 0.29

    Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)…

  • CVE-2006-6885Dec 31, 2006
    risk 0.04cvss epss 0.07

    An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.

  • CVE-2002-1467Apr 22, 2003
    risk 0.00cvss epss 0.02

    Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).

  • CVE-1999-1526Mar 11, 1999
    risk 0.00cvss epss 0.01

    Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.

  • CVE-1999-1525Mar 14, 1997
    risk 0.00cvss epss 0.01

    Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.