VYPR

Shockwave Flash Plugin

by Macromedia

CVEs (5)

  • CVE-2002-1467Apr 22, 2003
    risk 0.00cvss epss 0.02

    Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).

  • CVE-2002-0846Aug 12, 2002
    risk 0.00cvss epss 0.03

    The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.

  • CVE-2001-0166Mar 26, 2001
    risk 0.00cvss epss 0.02

    Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file.

  • CVE-1999-1526Mar 11, 1999
    risk 0.00cvss epss 0.01

    Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.

  • CVE-1999-1525Mar 14, 1997
    risk 0.00cvss epss 0.01

    Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.