CVE-2010-4188

Опубликовано: 10 фев. 2011

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*

Версия до 11.5.9.615 (включая)

cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07095

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-2rc6-m8fx-55w4

github

больше 3 лет назад