Main Vulnerability Database Vulnerabilities #VU44951

Buffer overflow in Shockwave Player - CVE-2011-2113

Published: June 17, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU44951

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2011-2113

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Adobe

Affected software:
Shockwave Player

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

How to mitigate CVE-2011-2113

Install update from vendor's website.

Sources

http://www.adobe.com/support/security/bulletins/apsb11-17.html
http://www.us-cert.gov/cas/techalerts/TA11-166A.html

Buffer overflow in Shockwave Player - CVE-2011-2113

Detailed vulnerability description

How to mitigate CVE-2011-2113

Sources

Please verify you're human