Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia shockwave flash vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1467
Macromedia Flash Plugin prior to 6,0,47,0 allows remote malicious users to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
Macromedia Flash Player 6.0.40.0
Macromedia Shockwave 8.0
Macromedia Flash Player 6.0
Macromedia Flash Player 6.0.29.0
NA
CVE-2002-0846
The decoder for Macromedia Shockwave Flash allows remote malicious users to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
Macromedia Shockwave Flash
NA
CVE-1999-1525
Macromedia Shockwave prior to 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
Macromedia Shockwave Flash Plugin
NA
CVE-2001-0166
Macromedia Shockwave Flash plugin version 8 and previous versions allows remote malicious users to cause a denial of service via malformed tag length specifiers in a SWF file.
Macromedia Shockwave Flash Plugin
NA
CVE-1999-1526
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.
Macromedia Shockwave Flash Plugin 7.0
NA
CVE-2002-1382
Macromedia Flash Player prior to 6.0.65.0 allows remote malicious users to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846.
Macromedia Flash Player 4.0 R12
Macromedia Flash Player 5.0
Macromedia Flash Player 5.0 R50
Macromedia Flash Player 6.0
Macromedia Flash Player 6.0.29.0
Macromedia Flash Player 6.0.40.0
Macromedia Flash Player 6.0.47.0
NA
CVE-2002-1881
Macromedia Flash Player 4.0 r12 up to and including 6.0.47.0 allows remote malicious users to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
Macromedia Flash Player 5.0 R50
Macromedia Flash Player 6.0
Macromedia Flash Player 6.0.29.0
Macromedia Flash Player 6.0.40.0
Macromedia Flash Player 5.0
Macromedia Flash Player 6.0.47.0
Macromedia Flash Player 4.0 R12
NA
CVE-2012-6270
Adobe Shockwave Player up to and including 11.6.8.638 allows remote malicious users to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a &q...
Adobe Shockwave Player 11.5.9.615
Adobe Shockwave Player 11.6.5.635
Adobe Shockwave Player 11.5.0.596
Adobe Shockwave Player 11.5.9.620
Adobe Shockwave Player 10.1.1.016
Adobe Shockwave Player 10.1.0.011
Adobe Shockwave Player 8.0.205
Adobe Shockwave Player 8.5.1.100
Adobe Shockwave Player 8.0
Adobe Shockwave Player 8.5.1.105
Adobe Shockwave Player 1.0
Adobe Shockwave Player 11.6.7.637
Adobe Shockwave Player 11.5.6.606
Adobe Shockwave Player 11.5.2.602
Adobe Shockwave Player 11.5.1.601
Adobe Shockwave Player 11.5.8.612
Adobe Shockwave Player 11.5.0.595
Adobe Shockwave Player 10.2.0.021
Adobe Shockwave Player 10.1.4.020
Adobe Shockwave Player 8.5.324
Adobe Shockwave Player 8.0.204
Adobe Shockwave Player 8.5.1
NA
CVE-2007-5275
The Adobe Macromedia Flash 9 plug-in allows remote malicious users to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a c...
Adobe Shockwave Player 9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started