Multiple vulnerabilities in Adobe Shockwave Player



Published: 2010-10-21 | Updated: 2017-01-02
Risk Critical
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2010-4090
CVE-2010-4089
CVE-2010-4088
CVE-2010-4087
CVE-2010-4086
CVE-2010-4085
CVE-2010-4084
CVE-2010-3655
CVE-2010-2582
CVE-2010-2581
CVE-2010-3653
CWE-ID CWE-119
Exploitation vector Network
Public exploit Vulnerability #11 is being exploited in the wild.
Vulnerable software
Subscribe
Shockwave Player
Client/Desktop applications / Plugins for browsers, ActiveX components

Vendor Adobe

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU3074

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4090

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files. A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

2) Memory corruption

EUVDB-ID: #VU3073

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4089

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in IML32.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

3) Memory corruption

EUVDB-ID: #VU3072

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4088

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in dirapi.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

4) Memory corruption

EUVDB-ID: #VU3071

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4087

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in IML32.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

5) Memory corruption

EUVDB-ID: #VU3070

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4086

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in dirapi.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

6) Memory corruption

EUVDB-ID: #VU3069

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4085

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in dirapi.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

7) Memory corruption

EUVDB-ID: #VU3068

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-4084

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in dirapi.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

8) Stack-based buffer overflow

EUVDB-ID: #VU3067

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-3655

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files in dirapi.dll module . A remote attacker can create a specially crafted .swf file, trick the victim into opening it, trigger stack-based buffer overflow and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

9) Heap-based buffer overflow

EUVDB-ID: #VU3066

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-2582

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files. A remote attacker can create a specially crafted .swf file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

10) Memory corruption

EUVDB-ID: #VU3065

Risk: High

CVSSv3.1: 0 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/RL:O/RC:C]

CVE-ID: CVE-2010-2581

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing Adobe Director files in dirapi.dll module . A remote attacker can create a specially crafted Adobe Director file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.


Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb10-25.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

11) Memory corruption

EUVDB-ID: #VU3064

Risk: Critical

CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2010-3653

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing Adobe Director file with a specific value in an "rcsL" field causing an array-indexing error. A remote attacker can create a specially crafted Adobe Director file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Mitigation

Update to the latest version 11.5.9.615.

Vulnerable software versions

Shockwave Player: 11.5.8.612

CPE2.3 External links

http://www.adobe.com/support/security/advisories/apsa10-04.html
http://www.adobe.com/support/security/bulletins/apsb10-25.html
http://www.kb.cert.org/vuls/id/402231
http://www.exploit-db.com/exploits/15296/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.



###SIDEBAR###