The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Adobe Shockwave Player

weakness bulletin CVE-2017-11294

Adobe Shockwave Player: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of Adobe Shockwave Player, in order to trigger a denial of service, and possibly to run code.
Severity: 4/4.
Creation date: 15/11/2017.
Revision date: 15/11/2017.
Identifiers: APSB17-40, CERTFR-2017-AVI-415, CVE-2017-11294, VIGILANCE-VUL-24434.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption of Adobe Shockwave Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-3086

Adobe Shockwave Player: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of Adobe Shockwave Player, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 13/06/2017.
Identifiers: APSB17-18, CERTFR-2017-AVI-175, CVE-2017-3086, VIGILANCE-VUL-22961.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption of Adobe Shockwave Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2017-2983

Adobe Shockwave Player: executing DLL code

Synthesis of the vulnerability

An attacker can create a malicious DLL, and then put it in the current directory of Adobe Shockwave Player, in order to execute code.
Severity: 2/4.
Creation date: 14/03/2017.
Identifiers: APSB17-08, CERTFR-2017-AVI-078, CVE-2017-2983, VIGILANCE-VUL-22123.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Adobe Shockwave Player product uses external shared libraries (DLL).

However, if the working directory contains a malicious DLL, it is automatically loaded.

An attacker can therefore create a malicious DLL, and then put it in the current directory of Adobe Shockwave Player, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2015-6680 CVE-2015-6681

Adobe Shockwave Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Shockwave Player.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/09/2015.
Identifiers: APSB15-22, CVE-2015-6680, CVE-2015-6681, VIGILANCE-VUL-17839.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Adobe Shockwave Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-6680]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-6681]
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2015-5120 CVE-2015-5121

Adobe Shockwave Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Shockwave Player.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 15/07/2015.
Identifiers: APSB15-17, CERTFR-2015-AVI-310, CVE-2015-5120, CVE-2015-5121, VIGILANCE-VUL-17369.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Adobe Shockwave Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-5120]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-5121]
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2014-0500 CVE-2014-0501

Adobe Shockwave Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Shockwave Player.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 11/02/2014.
Identifiers: APSB14-06, BID-65490, BID-65493, CERTFR-2014-AVI-067, CVE-2014-0500, CVE-2014-0501, VIGILANCE-VUL-14225.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Adobe Shockwave Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-65490, CVE-2014-0500]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-65493, CVE-2014-0501]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-5333 CVE-2013-5334

Adobe Shockwave Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Shockwave Player.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/12/2013.
Identifiers: APSB13-29, BID-64197, BID-64200, CERTA-2013-AVI-661, CVE-2013-5333, CVE-2013-5334, VIGILANCE-VUL-13924.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Adobe Shockwave Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-64197, CVE-2013-5333]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-64200, CVE-2013-5334]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-3359 CVE-2013-3360

Adobe Shockwave Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Shockwave Player.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/09/2013.
Identifiers: APSB13-23, BID-62291, BID-62292, CERTA-2013-AVI-511, CVE-2013-3359, CVE-2013-3360, VIGILANCE-VUL-13396.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Adobe Shockwave Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-62291, CVE-2013-3359]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-62292, CVE-2013-3360]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-3348

Adobe Shockwave Player: code execution

Synthesis of the vulnerability

An attacker can trigger code execution in Adobe Shockwave Player.
Severity: 4/4.
Creation date: 10/07/2013.
Identifiers: APSB13-18, BID-61040, CERTA-2013-AVI-406, CVE-2013-3348, VIGILANCE-VUL-13088.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger code execution in Adobe Shockwave Player.
Full Vigil@nce bulletin... (Free trial)

cybersecurity note CVE-2013-1383 CVE-2013-1384 CVE-2013-1385

Adobe Shockwave Player: several vulnerabilities

Synthesis of the vulnerability

Several Adobe Shockwave Player vulnerabilities can be used by an attacker to execute code or to create a denial of service.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 10/04/2013.
Identifiers: APSB13-12, BID-58971, BID-58980, BID-58982, BID-58983, BID-58984, CERTA-2013-AVI-236, CVE-2013-1383, CVE-2013-1384, CVE-2013-1385, CVE-2013-1386, FGA-2013-14, VIGILANCE-VUL-12643.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several Adobe Shockwave Player vulnerabilities were announced.

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-58984, CVE-2013-1383]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-58982, CVE-2013-1384, FGA-2013-14]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-58980, CVE-2013-1386]

An attacker can obtain information on the memory structure, in order to bypass ASLR. [severity:1/4; BID-58983, CVE-2013-1385]

An attacker can therefore invite the victim to display a malicious Shockwave object, in order to execute code on his computer.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.