VDB-54545 · CVE-2010-2882 · BID 42664

Adobe Shockwave Player up to 8.0.195 DIRAPI.dll memory corruption

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Adobe Shockwave Player up to 8.0.195 (Multimedia Player Software) and classified as very critical. This issue affects an unknown functionality in the library DIRAPI.dll. Upgrading to version 8.0.196 eliminates this vulnerability.

Field03/03/2017 09:46 AM09/24/2021 06:35 AM09/24/2021 06:45 AM
cvss3_vuldb_rlOOO
cvss3_vuldb_rcXXX
cvss3_vuldb_avNNN
cvss3_vuldb_prNNN
cvss3_vuldb_sCCC
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
typeMultimedia Player SoftwareMultimedia Player SoftwareMultimedia Player Software
vendorAdobeAdobeAdobe
nameShockwave PlayerShockwave PlayerShockwave Player
version<=8.0.195<=8.0.195<=8.0.195
libraryDIRAPI.dllDIRAPI.dllDIRAPI.dll
cwe119 (memory corruption)119 (memory corruption)119 (memory corruption)
risk222
cvss2_vuldb_basescore9.39.39.3
cvss2_vuldb_tempscore8.18.18.1
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss3_meta_basescore10.010.010.0
cvss3_meta_tempscore9.59.59.5
cvss3_vuldb_basescore10.010.010.0
cvss3_vuldb_tempscore9.59.59.5
date1282780800 (08/26/2010)1282780800 (08/26/2010)1282780800 (08/26/2010)
urlhttp://www.adobe.com/support/security/bulletins/apsb10-20.htmlhttp://www.adobe.com/support/security/bulletins/apsb10-20.htmlhttp://www.adobe.com/support/security/bulletins/apsb10-20.html
price_0day$5k-$25k$5k-$25k$5k-$25k
nameUpgradeUpgradeUpgrade
upgrade_version8.0.1968.0.1968.0.196
cveCVE-2010-2882CVE-2010-2882CVE-2010-2882
cve_nvd_published128278080012827808001282780800
cve_nvd_summaryDIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3812 of a certain file.DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3812 of a certain file.DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3812 of a certain file.
oval_idoval:org.mitre.oval:def:12069oval:org.mitre.oval:def:12069oval:org.mitre.oval:def:12069
vulnerabilitycenter269402694026940
vulnerabilitycenter_title[APSB10-20] Adobe Shockwave Player DIRAPI.dll Remote Code Execution Vulnerability via Crafted .dir Files[APSB10-20] Adobe Shockwave Player DIRAPI.dll Remote Code Execution Vulnerability via Crafted .dir Files[APSB10-20] Adobe Shockwave Player DIRAPI.dll Remote Code Execution Vulnerability via Crafted .dir Files
vulnerabilitycenter_severityCriticalCriticalCritical
vulnerabilitycenter_creationdate128312640012831264001283126400
vulnerabilitycenter_lastupdate141972480014197248001419724800
vulnerabilitycenter_reportingdate128278080012827808001282780800
nessus_id484364843648436
nessus_nameShockwave Player < 11.5.8.612Shockwave Player < 11.5.8.612Shockwave Player < 11.5.8.612
nessus_filenameshockwave_player_apsb10-20.naslshockwave_player_apsb10-20.naslshockwave_player_apsb10-20.nasl
nessus_familyWindowsWindowsWindows
openvas_id902237902237902237
openvas_filenamesecpod_adobe_shockwave_player_mult_vuln_aug10.naslsecpod_adobe_shockwave_player_mult_vuln_aug10.naslsecpod_adobe_shockwave_player_mult_vuln_aug10.nasl
openvas_titleAdobe Shockwave Player Multiple Vulnerabilities Aug-10Adobe Shockwave Player Multiple Vulnerabilities Aug-10Adobe Shockwave Player Multiple Vulnerabilities Aug-10
openvas_familyGeneralGeneralGeneral
paloalto_ips_id334003340033400
seealso54616 54544 54543 54542 54541 54540 54539 54538 54537 54536 54535 54534 54533 54532 54531 54530 54529 54528 5452754616 54544 54543 54542 54541 54540 54539 54538 54537 54536 54535 54534 54533 54532 54531 54530 54529 54528 5452754616 54544 54543 54542 54541 54540 54539 54538 54537 54536 54535 54534 54533 54532 54531 54530 54529 54528 54527
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auNNN
cvss2_nvd_ciCCC
cvss2_nvd_iiCCC
cvss2_nvd_aiCCC
confirm_urlhttp://www.adobe.com/support/security/bulletins/apsb10-20.htmlhttp://www.adobe.com/support/security/bulletins/apsb10-20.html
cve_assigned12801816001280181600
cvss2_nvd_basescore9.39.3
nessus_riskHigh
securityfocus42664
secunia41065

Do you want to use VulDB in your project?

Use the official API to access entries easily!