Filtered by vendor Adobe
Subscriptions
Filtered by product Shockwave Player
Subscriptions
Total
174 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3360 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359. | ||||
| CVE-2013-5333 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334. | ||||
| CVE-2014-0501 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500. | ||||
| CVE-2011-2446 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448. | ||||
| CVE-2011-2447 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2011-2448 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446. | ||||
| CVE-2011-2449 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2010-4192 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306. | ||||
| CVE-2011-0556 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569. | ||||
| CVE-2011-0569 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556. | ||||
| CVE-2012-6270 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack. | ||||
| CVE-2012-6271 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra. | ||||
| CVE-2010-2867 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to a "pointer offset vulnerability." | ||||
| CVE-2010-2870 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie. | ||||
| CVE-2010-2879 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file. | ||||
| CVE-2010-1283 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 8.8 High |
| Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record. | ||||
| CVE-2009-3466 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5941 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method. | ||||
| CVE-2007-5275 | 2 Adobe, Redhat | 2 Shockwave Player, Rhel Extras | 2025-04-09 | N/A |
| The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. | ||||
| CVE-2009-3244 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | ||||