Adobe Shockwave Player vulnerabilities

CVE-2011-2125 [CRITICAL] CWE-119 CVE-2011-2125: Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execu Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2122 [CRITICAL] CVE-2011-2122: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119.

CVE-2011-0318 [CRITICAL] CVE-2011-0318: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

CVE-2011-2109 [CRITICAL] CWE-189 CVE-2011-2109: Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

CVE-2011-0320 [CRITICAL] CVE-2011-0320: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

CVE-2011-2120 [CRITICAL] CWE-189 CVE-2011-2120: Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2112 [CRITICAL] CWE-119 CVE-2011-2112: Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers t Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2117 [CRITICAL] CVE-2011-2117: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.

CVE-2011-2116 [CRITICAL] CVE-2011-2116: IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115.

CVE-2011-2126 [CRITICAL] CWE-119 CVE-2011-2126: Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary co Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2011-2127 [CRITICAL] CVE-2011-2127: Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.

CVE-2011-2119 [CRITICAL] CVE-2011-2119: Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122.

CVE-2011-0557 [CRITICAL] CWE-189 CVE-2011-0557: Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbi Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption.

CVE-2010-4191 [CRITICAL] CVE-2010-4191: Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306.

CVE-2010-4189 [CRITICAL] CWE-119 CVE-2010-4189: The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary c The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset.

CVE-2011-0569 [CRITICAL] CVE-2011-0569: The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arb The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556.

CVE-2010-4188 [CRITICAL] CVE-2010-4188: The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer ov

CVE-2010-4306 [CRITICAL] CVE-2010-4306: Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.

CVE-2010-2588 [CRITICAL] CVE-2010-2588: The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2587 and CVE-2010-4188.

CVE-2010-2587 [CRITICAL] CWE-119 CVE-2010-2587: The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2588 and CVE-2010-4188.