CVE-2005-3525Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Shockwave Player

3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
37.7%
top 2.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Shockwave Player
Timeline
PublishedDec 31
Latest updateMay 1

Description

Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDadobe/shockwave_player9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-pc88-mg34-2qrc: Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 102022-05-01
CVEList
CVE-2005-3525: Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 102006-02-23
CVE-2005-3525 — Adobe Shockwave Player vulnerability | cvebase