VYPR

Shockwave Player

by Adobe Inc.

CVEs (175)

  • CVE-2010-4307Feb 10, 2011
    risk 0.01cvss epss 0.06

    Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.

  • CVE-2010-4188Feb 10, 2011
    risk 0.01cvss epss 0.07

    The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and…

  • CVE-2010-3655Oct 29, 2010
    risk 0.01cvss epss 0.09

    Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors.

  • CVE-2010-2582Oct 29, 2010
    risk 0.01cvss epss 0.08

    An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code.

  • CVE-2010-2873Aug 26, 2010
    risk 0.01cvss epss 0.06

    Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

  • CVE-2010-1292May 13, 2010
    risk 0.01cvss epss 0.06

    The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory…

  • CVE-2009-4003Jan 21, 2010
    risk 0.01cvss epss 0.07

    Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via…

  • CVE-2009-4002Jan 21, 2010
    risk 0.01cvss epss 0.09

    Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file.

  • CVE-2019-7104May 23, 2019
    risk 0.00cvss epss 0.05

    Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2015-7649Oct 28, 2015
    risk 0.00cvss epss 0.04

    Adobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-6681Sep 9, 2015
    risk 0.00cvss epss 0.06

    Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680.

  • CVE-2015-6680Sep 9, 2015
    risk 0.00cvss epss 0.05

    Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681.

  • CVE-2015-5121Jul 14, 2015
    risk 0.00cvss epss 0.04

    Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5120.

  • CVE-2015-5120Jul 14, 2015
    risk 0.00cvss epss 0.04

    Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5121.

  • CVE-2014-0505Mar 14, 2014
    risk 0.00cvss epss 0.05

    Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2014-0501Feb 12, 2014
    risk 0.00cvss epss 0.06

    Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.

  • CVE-2014-0500Feb 12, 2014
    risk 0.00cvss epss 0.06

    Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501.

  • CVE-2013-5334Dec 11, 2013
    risk 0.00cvss epss 0.04

    Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333.

  • CVE-2013-5333Dec 11, 2013
    risk 0.00cvss epss 0.04

    Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334.

  • CVE-2013-3360Sep 12, 2013
    risk 0.00cvss epss 0.05

    Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359.

Page 3 of 9