Adobe Shockwave Player vulnerabilities

CVE-2010-4308 [CRITICAL] CWE-119 CVE-2010-4308: Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4309.

CVE-2011-2421 [CRITICAL] CWE-119 CVE-2011-2421: Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file.

CVE-2011-2422 [CRITICAL] CWE-119 CVE-2011-2422: Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2011-2420 [CRITICAL] CWE-119 CVE-2011-2420: Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2011-2419 [CRITICAL] CWE-119 CVE-2011-2419: IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary c IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2011-2423 [CRITICAL] CWE-119 CVE-2011-2423: msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2010-4309 [CRITICAL] CVE-2010-4309: Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4308.

CVE-2011-0335 [CRITICAL] CVE-2011-0335: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122.

CVE-2011-2115 [CRITICAL] CVE-2011-2115: IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary c IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.

CVE-2011-2128 [CRITICAL] CVE-2011-2128: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127.

CVE-2011-2113 [CRITICAL] CWE-119 CVE-2011-2113: Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0. Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2121 [CRITICAL] CWE-189 CVE-2011-2121: Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary c Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2124 [CRITICAL] CVE-2011-2124: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128.

CVE-2011-2114 [CRITICAL] CWE-119 CVE-2011-2114: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.

CVE-2011-2118 [CRITICAL] CWE-20 CVE-2011-2118: The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."

CVE-2011-0317 [CRITICAL] CWE-119 CVE-2011-0317: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

CVE-2011-0319 [CRITICAL] CVE-2011-0319: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

CVE-2011-2111 [CRITICAL] CWE-119 CVE-2011-2111: IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.

CVE-2011-2108 [CRITICAL] CVE-2011-2108: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw."

CVE-2011-2123 [CRITICAL] CWE-189 CVE-2011-2123: Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.