The implementation of pami RIFF chunk parsing in Adobe Shockwave Player prior to 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe shockwave_player 11.5.2.602 |
||
adobe shockwave_player 8.0 |
||
adobe shockwave_player 8.5.1 |
||
adobe shockwave_player 11.5.0.595 |
||
adobe shockwave_player 11.0.0.456 |
||
adobe shockwave_player |
||
adobe shockwave_player 4.0 |
||
adobe shockwave_player 3.0 |
||
adobe shockwave_player 11.5.1.601 |
||
adobe shockwave_player 11.5.0.596 |
||
adobe shockwave_player 6.0 |
||
adobe shockwave_player 5.0 |
||
adobe shockwave_player 10.1.0.11 |
||
adobe shockwave_player 9 |
||
adobe shockwave_player 2.0 |
||
adobe shockwave_player 1.0 |
||
adobe shockwave_player - |