This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Adobe First view 2005-12-31
Product Shockwave Player Last view 2019-05-23
Version 8.5.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:adobe:shockwave_player

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2019-05-23 CVE-2019-7104

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7103

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7102

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7101

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7100

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7099

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2019-05-23 CVE-2019-7098

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

8.8 2018-02-19 CVE-2012-0771

Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759.

9.8 2017-06-20 CVE-2017-3086

Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

7.8 2017-03-14 CVE-2017-2983

Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to escalation of privilege.

10 2015-10-28 CVE-2015-7649

Adobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10 2015-09-08 CVE-2015-6681

Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680.

10 2015-09-08 CVE-2015-6680

Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681.

10 2015-07-14 CVE-2015-5121

Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5120.

10 2015-07-14 CVE-2015-5120

Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5121.

10 2014-03-14 CVE-2014-0505

Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10 2014-02-11 CVE-2014-0501

Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.

10 2014-02-11 CVE-2014-0500

Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501.

10 2013-12-11 CVE-2013-5334

Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333.

10 2013-12-11 CVE-2013-5333

Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334.

10 2013-09-12 CVE-2013-3360

Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359.

10 2013-09-12 CVE-2013-3359

Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360.

10 2013-07-10 CVE-2013-3348

Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10 2013-04-09 CVE-2013-1386

Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1384.

10 2013-04-09 CVE-2013-1385

Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.

CWE : Common Weakness Enumeration

%idName
72% (116) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (13) CWE-787 Out-of-bounds Write
6% (11) CWE-189 Numeric Errors
6% (11) CWE-20 Improper Input Validation
1% (3) CWE-399 Resource Management Errors
1% (2) CWE-190 Integer Overflow or Wraparound
1% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (1) CWE-426 Untrusted Search Path
0% (1) CWE-264 Permissions, Privileges, and Access Controls

SAINT Exploits

Description Link
Adobe Shockwave Director rcsL Chunk Remote Code Execution More info here
Adobe Shockwave Player Lnam Chunk Processing Buffer Overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
76969 Adobe Shockwave Player TextXtra.x32 Multiple Unspecified Remote Overflow
76968 Adobe Shockwave Player TextXtra.x32 Director File Handling Remote Memory Corr...
76967 Adobe Shockwave Player DIRAPI.dll Director File RCSL Chunk Handling Remote Me...
76966 Adobe Shockwave Player DIRAPI.dll Director File Header Handling Remote Memory...
74429 Adobe Shockwave Player msvcr90.dll Unspecified Memory Corruption
74428 Adobe Shockwave Player Textra.x32 Unspecified Memory Corruption
74427 Adobe Shockwave Player Dirapi.dll Director Movie File Handling Unspecified Me...
74426 Adobe Shockwave Player Unspecified Memory Corruption (2011-2420)
74425 Adobe Shockwave Player IML32.dll Unspecified Memory Corruption
74424 Adobe Shockwave Player Unspecified Memory Corruption (2010-4309)
74423 Adobe Shockwave Player Unspecified Memory Corruption (2010-4308)
73034 Adobe Shockwave Player Unspecified Integer Overflow
73033 Adobe Shockwave Player Dirapi.dll Component Multiple Unspecified Integer Over...
73032 Adobe Shockwave Player NPAPI Plugin ole32 Library Drag and Drop Tab Destructi...
73031 Adobe Shockwave Player IML32.dll Component Unspecified Memory Corruption (201...
73030 Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73029 Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73028 Adobe Shockwave Player IML32.dll Component Unspecified Memory Corruption
73027 Adobe Shockwave Player Unspecified Memory Corruption (2011-2128)
73026 Adobe Shockwave Player Unspecified Memory Corruption (2011-2117)
73025 Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73024 Adobe Shockwave Player Shockwave 3D Asset x32 Component Integer Overflow (201...
73023 Adobe Shockwave Player IML32.dll Component Multiple Buffer Overflows
73022 Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73021 Adobe Shockwave Player FLV ASSET Xtra Component Unspecified Remote Code Execu...

ExploitDB Exploits

id Description
12578 Adobe Shockwave Player 11.5.6.606 (DIR) Multiple Memory Vulnerabilities

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-11-02 Name : Adobe Shockwave Player Multiple Vulnerabilities Nov-2012 (MAC OS X)
File : nvt/gb_adobe_shockwave_player_mult_vuln_nov12_macosx.nasl
2012-11-02 Name : Adobe Shockwave Player Multiple Vulnerabilities Nov-2012 (Windows)
File : nvt/gb_adobe_shockwave_player_mult_vuln_nov12_win.nasl
2012-08-20 Name : Adobe Shockwave Player Multiple Vulnerabilities - August 2012 (Mac OS X)
File : nvt/gb_adobe_shockwave_player_mult_vuln_aug12_macosx.nasl
2012-08-20 Name : Adobe Shockwave Player Multiple Vulnerabilities - August 2012 (Windows)
File : nvt/gb_adobe_shockwave_player_mult_vuln_aug12_win.nasl
2012-05-15 Name : Adobe Shockwave Player Multiple Code Execution and DoS Vulnerabilities (Mac O...
File : nvt/gb_adobe_shockwave_player_mult_code_exec_n_dos_vuln_macosx.nasl
2012-05-15 Name : Adobe Shockwave Player Multiple Code Execution and DoS Vulnerabilities (Windows)
File : nvt/gb_adobe_shockwave_player_mult_code_exec_n_dos_vuln_win.nasl
2012-02-22 Name : Adobe Flash Player Multiple Vulnerabilities (Windows) - Feb12
File : nvt/secpod_adobe_flash_player_mult_vuln_win_feb12.nasl
2012-02-22 Name : Adobe Flash Player Multiple Vulnerabilities (Mac OS X) - Feb12
File : nvt/secpod_adobe_flash_player_mult_vuln_macosx_feb12.nasl
2012-02-22 Name : Adobe Flash Player Multiple Vulnerabilities (Linux) - Feb12
File : nvt/secpod_adobe_flash_player_mult_vuln_lin_feb12.nasl
2012-02-17 Name : Adobe Shockwave Player Multiple Vulnerabilities - Feb 2012 (MAC OS X)
File : nvt/gb_adobe_shockwave_player_mult_vuln_macosx_feb12.nasl
2012-02-17 Name : Adobe Shockwave Player Multiple Vulnerabilities - Feb 2012 (Windows)
File : nvt/gb_adobe_shockwave_player_mult_vuln_win_feb12.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)
File : nvt/glsa_201110_11.nasl
2011-11-10 Name : Adobe Shockwave Player Multiple Vulnerabilities (MAC OS X) - Nov 2011
File : nvt/gb_adobe_shockwave_player_mult_vuln_nov11_macosx.nasl
2011-11-10 Name : Adobe Shockwave Player Multiple Vulnerabilities (Windows) - Nov 2011
File : nvt/gb_adobe_shockwave_player_mult_vuln_nov11_win.nasl
2011-08-29 Name : Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Aug 2011
File : nvt/secpod_adobe_shockwave_player_mult_code_exec_vuln_aug11.nasl
2011-08-29 Name : Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities (Mac OS X)
File : nvt/secpod_adobe_shockwave_player_mult_code_exec_vuln_macosx.nasl
2011-06-21 Name : Adobe Shockwave Player Multiple Unspecified Vulnerabilities
File : nvt/gb_adobe_shockwave_player_mult_unspecified_vuln.nasl
2011-02-15 Name : Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities - Feb 2011
File : nvt/gb_adobe_shockwave_player_mult_code_exec_vuln_feb11.nasl
2010-12-09 Name : Adobe Shockwave Player Multiple Vulnerabilities Nov-10
File : nvt/secpod_adobe_shockwave_player_mult_vuln_nov10.nasl
2010-11-12 Name : Adobe Shockwave Player Use-After-Free Vulnerability
File : nvt/gb_adobe_shockwave_player_use_after_free_vuln.nasl
2010-11-02 Name : Adobe Shockwave player Arbitrary Code Execution Vulnerability
File : nvt/gb_adobe_shockwave_player_arbitrary_code_exec_vuln_oct10.nasl
2010-09-01 Name : Adobe Shockwave Player Multiple Vulnerabilities Aug-10
File : nvt/secpod_adobe_shockwave_player_mult_vuln_aug10.nasl
2010-05-19 Name : Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities May-10
File : nvt/gb_adobe_shockwave_player_mult_code_exe_vuln_may10.nasl
2010-01-28 Name : Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
File : nvt/gb_adobe_shockwave_player_bof_vuln_jan10.nasl
2009-11-09 Name : Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities
File : nvt/gb_adobe_shockwave_player_mult_code_exe_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0209 Multiple Vulnerabilities in Adobe Shockwave Player
Severity: Category I - VMSKEY: V0061379
2014-A-0042 Adobe Shockwave Player Memory Corruption Vulnerability
Severity: Category I - VMSKEY: V0046771
2014-A-0022 Multiple Vulnerabilities in Adobe Shockwave Player
Severity: Category I - VMSKEY: V0044032
2013-A-0230 Multiple Vulnerabilities in Adobe Shockwave Player
Severity: Category I - VMSKEY: V0042594
2013-A-0170 Multiple Vulnerabilities in Adobe Shockwave
Severity: Category I - VMSKEY: V0040298

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-08-06 Adobe Director rscL chunk parsing denial of service attempt
RuleID : 50643 - Type : FILE-OTHER - Revision : 1
2019-08-06 Adobe Director rscL chunk parsing denial of service attempt
RuleID : 50642 - Type : FILE-OTHER - Revision : 1
2018-01-10 Adobe Shockwave newModel memory disclosure attempt
RuleID : 45126 - Type : FILE-OTHER - Revision : 2
2018-01-10 Adobe Shockwave newModel memory disclosure attempt
RuleID : 45125 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43236 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43235 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43234 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43233 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43232 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43231 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43230 - Type : FILE-OTHER - Revision : 2
2017-07-25 Adobe Shockwave Director Shockwave 3D buffer overflow attempt
RuleID : 43229 - Type : FILE-OTHER - Revision : 2
2017-06-01 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 42423 - Type : FILE-OTHER - Revision : 1
2017-06-01 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 42422 - Type : FILE-OTHER - Revision : 1
2017-05-31 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 42413 - Type : FILE-OTHER - Revision : 1
2017-05-31 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 42412 - Type : FILE-OTHER - Revision : 1
2015-03-31 Adobe Shockwave Player SwDir.dll PlayerVersion Buffer Overflow attempt
RuleID : 33593 - Type : FILE-OTHER - Revision : 3
2015-03-31 Adobe Shockwave Player SwDir.dll PlayerVersion Buffer Overflow attempt
RuleID : 33592 - Type : FILE-OTHER - Revision : 3
2014-01-10 Adobe Director remote code execution attempt
RuleID : 26029 - Type : FILE-OTHER - Revision : 5
2014-01-10 Adobe Shockwave Director rcsL chunk memory corruption attempt
RuleID : 26028 - Type : FILE-OTHER - Revision : 5
2014-01-10 Adobe Director file file rcsL overflow attempt
RuleID : 26027 - Type : FILE-OTHER - Revision : 6
2014-01-10 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 24762 - Type : FILE-OTHER - Revision : 7
2014-01-10 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 24761 - Type : FILE-OTHER - Revision : 10
2014-01-10 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 24703 - Type : FILE-OTHER - Revision : 7
2014-01-10 Adobe Director rcsL chunk parsing denial of service attempt
RuleID : 24702 - Type : FILE-OTHER - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-06-15 Name: The remote Windows host contains a web browser plugin that is affected by a r...
File: shockwave_player_apsb17-18.nasl - Type: ACT_GATHER_INFO
2017-03-20 Name: The remote Windows host contains a web browser plugin that is affected by a D...
File: shockwave_player_apsb17-08.nasl - Type: ACT_GATHER_INFO
2016-06-22 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201509-07.nasl - Type: ACT_GATHER_INFO
2015-10-28 Name: The remote Windows host contains a web browser plugin that is affected by a r...
File: shockwave_player_apsb15-27.nasl - Type: ACT_GATHER_INFO
2015-10-28 Name: The remote Mac OS X host contains a web browser plugin that is affected by a ...
File: macosx_shockwave_player_apsb15-27.nasl - Type: ACT_GATHER_INFO
2015-09-09 Name: The remote Windows host contains a web browser plugin that is affected by mul...
File: shockwave_player_apsb15-22.nasl - Type: ACT_GATHER_INFO
2015-09-09 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb15-22.nasl - Type: ACT_GATHER_INFO
2015-07-15 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb15-17.nasl - Type: ACT_GATHER_INFO
2015-07-15 Name: The remote Windows host contains a web browser plugin that is affected by mul...
File: shockwave_player_apsb15-17.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb10-20.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb10-12.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb10-25.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb11-01.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb11-17.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb11-19.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb11-27.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb12-02.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb12-13.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb12-17.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb12-23.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb13-06.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by mu...
File: macosx_shockwave_player_apsb13-12.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by a ...
File: macosx_shockwave_player_apsb13-18.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by tw...
File: macosx_shockwave_player_apsb13-23.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote Mac OS X host contains a web browser plugin that is affected by tw...
File: macosx_shockwave_player_apsb13-29.nasl - Type: ACT_GATHER_INFO