what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2010-1280

Status Candidate

Overview

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.

Related Files

Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities
Posted May 14, 2010
Authored by Chaouki Bekrar | Site vupen.com

VUPEN Vulnerability Research Team discovered seven critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to memory corruptions, array indexing, heap overflows and invalid pointers when processing malformed files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.

tags | advisory, web, overflow, arbitrary, vulnerability
advisories | CVE-2010-1280
SHA-256 | 350e0f3198e35fcf0c1c75b940682fbeffa174ddc0b609b86fc1a35c428f798e
Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite
Posted May 12, 2010
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.

tags | advisory, remote, web
advisories | CVE-2010-1280
SHA-256 | a0f77eecd2a1403c980cb9c466c4691d6c105d645ef19b2d595726c654d1d978
Adobe Shockwave Player 11.5.6.606 Memory Corruption
Posted May 12, 2010
Authored by LiquidWorm

Shockwave Player versions 11.5.6.606 and below from Adobe suffer from memory consumption / corruption and buffer overflow vulnerabilities that can aid the attacker in causing a denial of service scenario and arbitrary code execution. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers.

tags | exploit, denial of service, overflow, arbitrary, vulnerability, code execution
advisories | CVE-2010-1280
SHA-256 | 8ec4df5f63f6cfd2422941ca53290e7e3b28c5e09824a064172cf191aa1bea88
Page 1 of 1
Back1Next

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close