exploitDog

GHSA-wx33-xfw6-fh7w

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

Ссылки

EPSS

Процентиль: 93%

0.10749

Средний

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2010-2876

nvd

больше 15 лет назад

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a (1) .dir or (2) .dcr Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

EPSS

Процентиль: 93%

0.10749

Средний

CVE ID

Дефекты

CWE-20