CVE-2010-4196 — Improper Input Validation in Adobe Shockwave Player
Severity
9.3CRITICALNVD
EPSS
10.2%
top 6.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 10
Latest updateMay 17
Description
The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0