Published: 13/05/2010 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

iml32.dll in Adobe Shockwave Player prior to does not validate a certain value from a file before using it in file-pointer calculations, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.

Affected Products

Vendor Product Versions
AdobeShockwave Player1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 8.0, 8.5.1, 9,,,,,,,