The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a…
adobe·CWE-119·Published 2010-10-26
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information.
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information.
El módulo Director (biblioteca dirapi.dll) en Shockwave Player de Adobe anterior a versión 11.5.9.615, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de una película de Director con un fragmento rcsL diseñado que contiene un campo cuyo valor se utiliza como un desplazamiento de puntero, como se explotó “in the wild” en octubre de 2010. NOTA: algunos de estos datos se obtienen de la información de terceros.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 9.3 | 8.6 | 10.0 | AV:N/AC:M/Au:N/C:C/I:C/A:C |