CVE-2010-4190

Опубликовано: 10 фев. 2011

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*

Версия до 11.5.9.615 (включая)

cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04333

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-hhjw-fwx5-h53g

github

больше 3 лет назад