9.3
CVSSv2

CVE-2010-4089

Published: 29/10/2010 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

IML32.dll in Adobe Shockwave Player prior to 11.5.9.615 allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087.

Affected Products

Vendor Product Versions
AdobeShockwave Player1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 8.0, 8.0.196, 8.0.196a, 8.0.204, 8.0.205, 8.5.1, 8.5.1.100, 8.5.1.103, 8.5.1.105, 8.5.1.106, 8.5.321, 8.5.323, 8.5.324, 8.5.325, 9, 9.0.383, 9.0.432, 10.0.0.210, 10.0.1.004, 10.1.0.011, 10.1.0.11, 10.1.1.016, 10.1.4.020, 10.2.0.021, 10.2.0.022, 10.2.0.023, 11.0.0.456, 11.0.3.471, 11.5.0.595, 11.5.0.596, 11.5.1.601, 11.5.2.602, 11.5.6.606, 11.5.7.609, 11.5.8.612