CVE-2010-1280
published 2010-05-13

Priority: P258 | Severity: high | CVSS 3.1: 8.8
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 16.64% (96.6th percentile)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.

Affected (1 range)

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | shockwave_player | < 11.5.7.609 | 11.5.7.609 |

Detection & IOCs (extracted from sources)

path: C:\Program Files\Adobe\Adobe Director 11\DIRAPI.dll
bytes: 58 46 49 52 2C 23 00 00 33 39 56 4D 70 61 6D 69
  • Second crash context shows ECX=41414141 at IML32.dll offset 69009F1F, indicating register control via crafted .dir file — monitor for access violations in IML32.dll during Shockwave Player execution
  • Vulnerability is triggered by opening a crafted .dir (Adobe Director) file in Shockwave Player 11.5.6.606 and earlier; detect suspicious .dir file opens in browser plugin or standalone player context
  • PoC was tested only on Microsoft Windows XP Professional SP3 (English); crash addresses (DIRAPI.dll, IML32.dll) may differ on other OS versions or patch levels
  • Affected version is 11.5.6.606 and earlier; Adobe Shockwave Player 11.5.7.609 and later are patched per vendor advisory APSB10-12

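CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |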