The Director module (dirapi.dll) in Adobe Shockwave Player prior to 11.5.9.615 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe shockwave player 11.5.6.606 |
||
adobe shockwave player 11.5.2.602 |
||
adobe shockwave player 10.2.0.022 |
||
adobe shockwave player 10.1.0.11 |
||
adobe shockwave player 9.0.383 |
||
adobe shockwave player 9.0.432 |
||
adobe shockwave player 8.5.325 |
||
adobe shockwave player 8.0.196 |
||
adobe shockwave player 5.0 |
||
adobe shockwave player 4.0 |
||
adobe shockwave player 11.5.0.596 |
||
adobe shockwave player 11.5.7.609 |
||
adobe shockwave player 10.1.1.016 |
||
adobe shockwave player 10.1.0.011 |
||
adobe shockwave player 8.0.204 |
||
adobe shockwave player 8.0.205 |
||
adobe shockwave player 8.5.1.106 |
||
adobe shockwave player 8.0 |
||
adobe shockwave player 8.5.1.105 |
||
adobe shockwave player 1.0 |
||
adobe shockwave player |
||
adobe shockwave player 11.0.0.456 |
||
adobe shockwave player 11.0.3.471 |
||
adobe shockwave player 10.2.0.023 |
||
adobe shockwave player 10.0.1.004 |
||
adobe shockwave player 10.0.0.210 |
||
adobe shockwave player 8.5.1.100 |
||
adobe shockwave player 8.5.323 |
||
adobe shockwave player 8.5.1.103 |
||
adobe shockwave player 6.0 |
||
adobe shockwave player 11.5.1.601 |
||
adobe shockwave player 11.5.0.595 |
||
adobe shockwave player 10.2.0.021 |
||
adobe shockwave player 10.1.4.020 |
||
adobe shockwave player 8.5.321 |
||
adobe shockwave player 8.5.324 |
||
adobe shockwave player 8.0.196a |
||
adobe shockwave player 8.5.1 |
||
adobe shockwave player 3.0 |
||
adobe shockwave player 2.0 |
In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were tr...