CVE-2010-1280
published 2010-05-13CVE-2010-1280: Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir…
PriorityP258high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
16.64%
96.6th percentile
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | shockwave_player | < 11.5.7.609 | 11.5.7.609 |
Detection & IOCsextracted from sources · hover to see the quote
bytes↗
58 46 49 52 2C 23 00 00 33 39 56 4D 70 61 6D 69
- →Second crash context shows ECX=41414141 at IML32.dll offset 69009F1F, indicating register control via crafted .dir file — monitor for access violations in IML32.dll during Shockwave Player execution ↗
- →Vulnerability is triggered by opening a crafted .dir (Adobe Director) file in Shockwave Player 11.5.6.606 and earlier; detect suspicious .dir file opens in browser plugin or standalone player context ↗
- ·PoC was tested only on Microsoft Windows XP Professional SP3 (English); crash addresses (DIRAPI.dll, IML32.dll) may differ on other OS versions or patch levels ↗
- ·Affected version is 11.5.6.606 and earlier; Adobe Shockwave Player 11.5.7.609 and later are patched per vendor advisory APSB10-12 ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.htmlhttp://secunia.com/advisories/38751http://www.adobe.com/support/security/bulletins/apsb10-12.htmlhttp://www.securityfocus.com/archive/1/511257/100/0/threadedhttp://www.vupen.com/english/advisories/2010/1128http://www.zeroscience.mk/codes/shockwave_mem.txthttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.phphttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7184http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.htmlhttp://secunia.com/advisories/38751http://www.adobe.com/support/security/bulletins/apsb10-12.htmlhttp://www.securityfocus.com/archive/1/511257/100/0/threadedhttp://www.vupen.com/english/advisories/2010/1128http://www.zeroscience.mk/codes/shockwave_mem.txthttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.phphttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7184
2010-05-13
Published