CVE-2006-6885
published 2006-12-31CVE-2006-6885: An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string…
PriorityP414medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
7.23%
93.5th percentile
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| macromedia | shockwave | — | — |
| macromedia | shockwave | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cr72-p8f8-mx4g: An ActiveX control in SwDir
ghsa_unreviewed·2022-05-01
CVE-2006-6885 [MEDIUM] GHSA-cr72-p8f8-mx4g: An ActiveX control in SwDir
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
GHSA
GHSA-wc5m-225h-wq23: Multiple stack-based buffer overflows in an ActiveX control in SwDir
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2007-1403 [MEDIUM] GHSA-wc5m-225h-wq23: Multiple stack-based buffer overflows in an ActiveX control in SwDir
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.
No detection rules found.
No writeups or analysis indexed.
2006-12-31
Published