Shockwave Player
by Adobe Inc.
CVEs (175)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-7099 | 0.01 | — | 0.05 | May 23, 2019 | Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2019-7100 | 0.01 | — | 0.05 | May 23, 2019 | Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2019-7101 | 0.01 | — | 0.04 | May 23, 2019 | Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2019-7103 | 0.01 | — | 0.05 | May 23, 2019 | Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2013-0636 | 0.01 | — | 0.09 | Feb 13, 2013 | Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-5273 | 0.01 | — | 0.09 | Oct 23, 2012 | Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-4175. | |||
| CVE-2012-4176 | 0.01 | — | 0.07 | Oct 23, 2012 | Array index error in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-4175 | 0.01 | — | 0.10 | Oct 23, 2012 | Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-5273. | |||
| CVE-2012-4174 | 0.01 | — | 0.10 | Oct 23, 2012 | Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273. | |||
| CVE-2012-4173 | 0.01 | — | 0.10 | Oct 23, 2012 | Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273. | |||
| CVE-2012-4172 | 0.01 | — | 0.10 | Oct 23, 2012 | Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273. | |||
| CVE-2012-2031 | 0.01 | — | 0.18 | May 9, 2012 | Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and CVE-2012-2033. | |||
| CVE-2012-2029 | 0.01 | — | 0.06 | May 9, 2012 | Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033. | |||
| CVE-2011-2423 | 0.01 | — | 0.06 | Aug 11, 2011 | msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2011-2126 | 0.01 | — | 0.07 | Jun 16, 2011 | Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2011-2125 | 0.01 | — | 0.07 | Jun 16, 2011 | Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2011-2123 | 0.01 | — | 0.07 | Jun 16, 2011 | Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow. | |||
| CVE-2011-2115 | 0.01 | — | 0.08 | Jun 16, 2011 | IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and… | |||
| CVE-2011-2112 | 0.01 | — | 0.07 | Jun 16, 2011 | Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2011-2109 | 0.01 | — | 0.08 | Jun 16, 2011 | Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. |
- CVE-2019-7099May 23, 2019risk 0.01cvss —epss 0.05
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7100May 23, 2019risk 0.01cvss —epss 0.05
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7101May 23, 2019risk 0.01cvss —epss 0.04
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7103May 23, 2019risk 0.01cvss —epss 0.05
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2013-0636Feb 13, 2013risk 0.01cvss —epss 0.09
Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2012-5273Oct 23, 2012risk 0.01cvss —epss 0.09
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-4175.
- CVE-2012-4176Oct 23, 2012risk 0.01cvss —epss 0.07
Array index error in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2012-4175Oct 23, 2012risk 0.01cvss —epss 0.10
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-5273.
- CVE-2012-4174Oct 23, 2012risk 0.01cvss —epss 0.10
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273.
- CVE-2012-4173Oct 23, 2012risk 0.01cvss —epss 0.10
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273.
- CVE-2012-4172Oct 23, 2012risk 0.01cvss —epss 0.10
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273.
- CVE-2012-2031May 9, 2012risk 0.01cvss —epss 0.18
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and CVE-2012-2033.
- CVE-2012-2029May 9, 2012risk 0.01cvss —epss 0.06
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033.
- CVE-2011-2423Aug 11, 2011risk 0.01cvss —epss 0.06
msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
- CVE-2011-2126Jun 16, 2011risk 0.01cvss —epss 0.07
Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2011-2125Jun 16, 2011risk 0.01cvss —epss 0.07
Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2011-2123Jun 16, 2011risk 0.01cvss —epss 0.07
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.
- CVE-2011-2115Jun 16, 2011risk 0.01cvss —epss 0.08
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and…
- CVE-2011-2112Jun 16, 2011risk 0.01cvss —epss 0.07
Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
- CVE-2011-2109Jun 16, 2011risk 0.01cvss —epss 0.08
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
Page 2 of 9