New Search

Adobe Shockwave Player Integer Overflow Vulnerability

oval:org.mitre.oval:def:8538

Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file leading to memory corruption; or (3) a crafted 3D model in a Shockwave file leading to heap memory corruption.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2009-4003
Product(s):
  • Adobe Shockwave Player