CVE-2011-2112Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Shockwave Player

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
18.4%
top 4.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Shockwave Player
Timeline
PublishedJun 16
Latest updateMay 17

Description

Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDadobe/shockwave_player11.5.9.620+42

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-m82q-rrm6-rh95: Multiple buffer overflows in IML322022-05-17
CVEList
CVE-2011-2112: Multiple buffer overflows in IML322011-06-16
CVE-2011-2112 — Adobe Shockwave Player vulnerability | cvebase