9.3
CVSSv2

CVE-2010-1281

Published: 13/05/2010 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

iml32.dll in Adobe Shockwave Player prior to 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.

Affected Products

Vendor Product Versions
AdobeShockwave Player1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 8.0, 8.5.1, 9, 10.1.0.11, 11.0.0.456, 11.5.0.595, 11.5.0.596, 11.5.1.601, 11.5.2.602, 11.5.6.606