9.3

CVE-2009-4003

Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeShockwave Player Version <= 11.5.2.602
AdobeShockwave Player Version1.0
AdobeShockwave Player Version2.0
AdobeShockwave Player Version3.0
AdobeShockwave Player Version4.0
AdobeShockwave Player Version5.0
AdobeShockwave Player Version6.0
AdobeShockwave Player Version8.0
AdobeShockwave Player Version8.5.1
AdobeShockwave Player Version9
AdobeShockwave Player Version10.1.0.11
AdobeShockwave Player Version11.0.0.456
AdobeShockwave Player Version11.5.0.595
AdobeShockwave Player Version11.5.0.596
AdobeShockwave Player Version11.5.1.601
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.39% 0.936
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/37888
Vendor Advisory
http://securitytracker.com/id?1023481
http://www.adobe.com/support/security/bulletins/apsb10-03.html
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0171
Vendor Advisory
http://secunia.com/secunia_research/2009-62/
Vendor Advisory
http://secunia.com/secunia_research/2009-63/
Vendor Advisory
http://secunia.com/secunia_research/2010-1/
Vendor Advisory
http://www.securityfocus.com/archive/1/509053/100/0/threaded
http://www.securityfocus.com/archive/1/509055/100/0/threaded
http://www.securityfocus.com/archive/1/509058/100/0/threaded
http://www.securityfocus.com/bid/37872
https://exchange.xforce.ibmcloud.com/vulnerabilities/55759
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8538