9.3
CVSSv2

CVE-2010-4087

Published: 29/10/2010 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

IML32.dll in Adobe Shockwave Player prior to 11.5.9.615 allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with a crafted mmap record containing an invalid length of a VSWV entry, a different vulnerability than CVE-2010-4089.

Affected Products

Vendor Product Versions
AdobeShockwave Player1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 8.0, 8.0.196, 8.0.196a, 8.0.204, 8.0.205, 8.5.1, 8.5.1.100, 8.5.1.103, 8.5.1.105, 8.5.1.106, 8.5.321, 8.5.323, 8.5.324, 8.5.325, 9, 9.0.383, 9.0.432, 10.0.0.210, 10.0.1.004, 10.1.0.011, 10.1.0.11, 10.1.1.016, 10.1.4.020, 10.2.0.021, 10.2.0.022, 10.2.0.023, 11.0.0.456, 11.0.3.471, 11.5.0.595, 11.5.0.596, 11.5.1.601, 11.5.2.602, 11.5.6.606, 11.5.7.609, 11.5.8.612