Shockwave Flash Plugin
by Macromedia
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1467 | 0.00 | — | 0.02 | Apr 22, 2003 | Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | |||
| CVE-2002-0846 | 0.00 | — | 0.03 | Aug 12, 2002 | The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | |||
| CVE-2001-0166 | 0.00 | — | 0.02 | Mar 26, 2001 | Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | |||
| CVE-1999-1526 | 0.00 | — | 0.01 | Mar 11, 1999 | Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. | |||
| CVE-1999-1525 | 0.00 | — | 0.01 | Mar 14, 1997 | Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. |
- CVE-2002-1467Apr 22, 2003risk 0.00cvss —epss 0.02
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
- CVE-2002-0846Aug 12, 2002risk 0.00cvss —epss 0.03
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
- CVE-2001-0166Mar 26, 2001risk 0.00cvss —epss 0.02
Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file.
- CVE-1999-1526Mar 11, 1999risk 0.00cvss —epss 0.01
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.
- CVE-1999-1525Mar 14, 1997risk 0.00cvss —epss 0.01
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.