Home/Product/adobe shockwave player
Product

adobe shockwave player

174 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2019-7103
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7102
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7101
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7100
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7099
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7098
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2019-7104
<= 12.3.4.204
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead
9.8CRITICAL
 CVE-2012-0771
< 11.6.4.634
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
8.8HIGH
 CVE-2017-3086
<= 12.2.8.198
Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could
9.8CRITICAL
 CVE-2017-2983
<= 12.2.7.197
Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploit
7.8HIGH
 CVE-2015-7649
<= 12.2.0.162
Adobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2015-6681
<= 12.1.9.160
Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2015-6680
<= 12.1.9.160
Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2015-5121
<= 12.1.8.158
Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2015-5120
<= 12.1.8.158
Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2014-0505
<= 12.0.9.149
Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
 CVE-2014-0501
<= 12.0.7.148
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
 CVE-2014-0500
<= 12.0.7.148
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
 CVE-2013-5334
all versions
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-5333
all versions
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-3360
<= 12.0.3.133
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-3359
<= 12.0.3.133
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-3348
<= 12.0.2.122
Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-1386
<= 12.0.0.112
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-1385
<= 12.0.0.112
Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to by
 CVE-2013-1384
<= 12.0.0.112
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2013-1383
<= 12.0.0.112
Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code via unspecified vectors.
 CVE-2013-0636
<= 11.6.8.638
Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified
 CVE-2013-0635
<= 11.6.8.638
Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-6271
<= 11.6.8.638
Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwav
 CVE-2012-6270
<= 11.6.8.638
Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compati
 CVE-2012-5273
<= 11.6.7.637
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a
 CVE-2012-4176
<= 11.6.7.637
Array index error in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors.
 CVE-2012-4175
<= 11.6.7.637
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a
 CVE-2012-4174
<= 11.6.7.637
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a
 CVE-2012-4173
<= 11.6.7.637
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a
 CVE-2012-4172
<= 11.6.7.637
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a
 CVE-2012-2047
<= 11.6.5.635
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2046
<= 11.6.5.635
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2045
<= 11.6.5.635
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2044
<= 11.6.5.635
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2043
<= 11.6.5.635
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2033
all versions
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2032
all versions
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2031
all versions
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2030
all versions
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-2029
all versions
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-0766
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0764
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0763
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0762
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0761
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0760
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2012-0759
<= 11.6.3.633
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2012-0758
<= 11.6.3.633
Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified
 CVE-2012-0757
<= 11.6.3.633
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a
 CVE-2011-2449
<= 11.6.1.629
The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of se
 CVE-2011-2448
<= 11.6.1.629
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of ser
 CVE-2011-2447
<= 11.6.1.629
Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2446
<= 11.6.1.629
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of ser
 CVE-2011-2423
<= 11.6.0.626
msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of ser
 CVE-2011-2422
<= 11.6.0.626
Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of serv
 CVE-2011-2421
<= 11.6.0.626
Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-2420
<= 11.6.0.626
Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
 CVE-2011-2419
<= 11.6.0.626
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of servi
 CVE-2010-4309
<= 11.6.0.626
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4308
<= 11.6.0.626
Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2128
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2127
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2126
<= 11.5.9.620
Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
 CVE-2011-2125
<= 11.5.9.620
Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecif
 CVE-2011-2124
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2123
<= 11.5.9.620
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to ex
 CVE-2011-2122
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-2121
<= 11.5.9.620
Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
 CVE-2011-2120
<= 11.5.9.620
Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrar
 CVE-2011-2119
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-2118
<= 11.5.9.620
The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecifie
 CVE-2011-2117
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2116
<= 11.5.9.620
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (mem
 CVE-2011-2115
<= 11.5.9.620
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of servi
 CVE-2011-2114
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2011-2113
<= 11.5.9.620
Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute
 CVE-2011-2112
<= 11.5.9.620
Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via u
 CVE-2011-2111
<= 11.5.9.620
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (mem
 CVE-2011-2109
<= 11.5.9.620
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via
 CVE-2011-2108
<= 11.5.9.620
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design
 CVE-2011-0335
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-0320
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-0319
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-0318
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-0317
<= 11.5.9.620
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2011-0569
<= 11.5.9.615
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial
 CVE-2011-0557
<= 11.5.9.615
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movi
 CVE-2011-0556
<= 11.5.9.615
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial
 CVE-2011-0555
<= 11.5.9.615
The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a d
 CVE-2010-4307
<= 11.5.9.615
Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.
 CVE-2010-4306
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4196
<= 11.5.9.615
The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which
 CVE-2010-4195
<= 11.5.9.615
The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows at
 CVE-2010-4194
<= 11.5.9.615
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows
 CVE-2010-4193
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbi
 CVE-2010-4192
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4191
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4190
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4189
<= 11.5.9.615
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of servi
 CVE-2010-4188
<= 11.5.9.615
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of
 CVE-2010-4187
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4093
<= 11.5.9.615
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-2589
<= 11.5.9.615
Integer overflow in the dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code v
 CVE-2010-2588
<= 11.5.9.615
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of
 CVE-2010-2587
<= 11.5.9.615
The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of
 CVE-2010-4092
<= 11.5.9.615
Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-ass
 CVE-2010-4090
<= 11.5.8.612
Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
 CVE-2010-4089
<= 11.5.8.612
IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (mem
 CVE-2010-4088
<= 11.5.8.612
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2010-4087
<= 11.5.8.612
IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (mem
 CVE-2010-4086
<= 11.5.8.612
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2010-4085
<= 11.5.8.612
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2010-4084
<= 11.5.8.612
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (me
 CVE-2010-3655
<= 11.5.8.612
Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code v
 CVE-2010-2582
<= 11.5.8.612
An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when pro
 CVE-2010-2581
<= 11.5.8.612
dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of serv
 CVE-2010-3653
<= 11.5.8.612
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or
 CVE-2010-2874
<= 11.5.7.609
Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknow
 CVE-2010-2882
<= 11.5.7.609
DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause
 CVE-2010-2881
<= 11.5.7.609
IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a
 CVE-2010-2880
<= 11.5.7.609
DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause
 CVE-2010-2879
<= 11.5.7.609
Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote at
 CVE-2010-2878
<= 11.5.7.609
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Dir
 CVE-2010-2877
<= 11.5.7.609
Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movie, which allows remote attacke
 CVE-2010-2876
<= 11.5.7.609
Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF
 CVE-2010-2875
<= 11.5.7.609
Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory
 CVE-2010-2873
<= 11.5.7.609
Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR
 CVE-2010-2872
<= 11.5.7.609
Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF chunk in a Director movie, wh
 CVE-2010-2871
<= 11.5.7.609
Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a den
 CVE-2010-2870
<= 11.5.7.609
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Dir
 CVE-2010-2869
<= 11.5.7.609
IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a
 CVE-2010-2868
<= 11.5.7.609
IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a
 CVE-2010-2867
<= 11.5.7.609
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL c
 CVE-2010-2866
<= 11.5.7.609
Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denia
 CVE-2010-2865
<= 11.5.7.609
Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service via unknown ve
 CVE-2010-2864
<= 11.5.7.609
IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a
 CVE-2010-2863
<= 11.5.7.609
Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1291
<= 11.5.6.606
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1290
<= 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1289
<= 11.5.6.606
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1288
<= 11.5.6.606
Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vector
 CVE-2010-1287
<= 11.5.6.606
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1286
<= 11.5.6.606
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1284
<= 11.5.6.606
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arb
 CVE-2010-1292
<= 11.5.6.606
The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a
 CVE-2010-1283
< 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote atta
8.8HIGH
 CVE-2010-1282
< 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption)
6.5MEDIUM
 CVE-2010-1281
< 11.5.7.609
iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointe
8.8HIGH
 CVE-2010-1280
< 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
8.8HIGH
 CVE-2010-0987
< 11.5.7.609
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via
8.8HIGH
 CVE-2010-0986
< 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial
8.8HIGH
 CVE-2010-0130
< 11.5.7.609
Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted
8.8HIGH
 CVE-2010-0129
< 11.5.7.609
Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory
8.8HIGH
 CVE-2010-0128
<= 11.5.6.606
Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows rem
 CVE-2010-0127
< 11.5.7.609
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory co
8.8HIGH
 CVE-2009-4003
<= 11.5.2.602
Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an
 CVE-2009-4002
<= 11.5.2.602
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a cra
 CVE-2009-3466
<= 11.5.1.601
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers me
 CVE-2009-3465
<= 11.5.1.601
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web
 CVE-2009-3464
<= 11.5.1.601
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web
 CVE-2009-3463
<= 11.5.1.601
Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockw
 CVE-2009-3244
<= 11.5.1.601
Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attacke
 CVE-2009-2186
<= 11.0.0.456
Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknow
 CVE-2009-1860
<= 11.5.0.596
Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafte
 CVE-2007-5941
all versions
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of ser
 CVE-2007-5275
all versions
The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary ho
 CVE-2005-3525
all versions
Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier al
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin