VDB-78928 · CVE-2015-7649 · BID 77321

Adobe Shockwave Player avant 12.2.1.171 buffer overflow

Une vulnérabilité qui a été classée critique a été trouvée dans Adobe Shockwave Player (Multimedia Player Software). Affecté est une fonction inconnue. Mettre à jour à la version 12.2.1.171 élimine cette vulnérabilité.

Domaine02/03/2018 09:2725/06/2022 11:3625/06/2022 11:43
typeMultimedia Player SoftwareMultimedia Player SoftwareMultimedia Player Software
vendorAdobeAdobeAdobe
nameShockwave PlayerShockwave PlayerShockwave Player
cwe119 (buffer overflow)119 (buffer overflow)119 (buffer overflow)
risk222
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciCCC
cvss2_nvd_iiCCC
cvss2_nvd_aiCCC
cvss3_meta_basescore7.37.37.3
cvss3_meta_tempscore7.07.07.0
cvss3_vuldb_basescore7.37.37.3
cvss3_vuldb_tempscore7.07.07.0
date1445990400 (28/10/2015)1445990400 (28/10/2015)1445990400 (28/10/2015)
urlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.htmlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.htmlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.html
price_0day$5k-$25k$5k-$25k$5k-$25k
nameUpgradeUpgradeUpgrade
upgrade_version12.2.1.17112.2.1.17112.2.1.171
cveCVE-2015-7649CVE-2015-7649CVE-2015-7649
cve_nvd_published144599040014459904001445990400
cve_nvd_summaryAdobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.Adobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.Adobe Shockwave Player before 12.2.1.171 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
securityfocus773217732177321
vulnerabilitycenter540095400954009
vulnerabilitycenter_title[APSB15-26] Adobe Shockwave Player 12.2.0.162 and Earlier Remote Code Execution due to a Memory Corruption[APSB15-26] Adobe Shockwave Player 12.2.0.162 and Earlier Remote Code Execution due to a Memory Corruption[APSB15-26] Adobe Shockwave Player 12.2.0.162 and Earlier Remote Code Execution due to a Memory Corruption
vulnerabilitycenter_severityCriticalCriticalCritical
vulnerabilitycenter_creationdate144599040014459904001445990400
vulnerabilitycenter_lastupdate147018240014701824001470182400
vulnerabilitycenter_reportingdate144590400014459040001445904000
nessus_id866328663286632
nessus_filenamemacosx_shockwave_player_apsb15-27.naslmacosx_shockwave_player_apsb15-27.naslmacosx_shockwave_player_apsb15-27.nasl
fortigate_ips_id415714157141571
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcXXX
cvss3_vuldb_avNNN
cvss3_vuldb_prNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
confirm_urlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.htmlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.htmlhttps://helpx.adobe.com/security/products/shockwave/apsb15-26.html
cve_assigned1443657600 (01/10/2015)1443657600 (01/10/2015)1443657600 (01/10/2015)
openvas_id801103801103801103
openvas_filenamegb_adobe_shockwave_dos_vuln_oct15_win.naslgb_adobe_shockwave_dos_vuln_oct15_win.naslgb_adobe_shockwave_dos_vuln_oct15_win.nasl
openvas_titleAdobe Shockwave Player Denial of Service Vulnerability Oct15 (Windows)Adobe Shockwave Player Denial of Service Vulnerability Oct15 (Windows)Adobe Shockwave Player Denial of Service Vulnerability Oct15 (Windows)
openvas_familyDenial of ServiceDenial of ServiceDenial of Service
sectracker10339901033990
cvss2_nvd_basescore10.010.0
nessus_riskCritical

Interested in the pricing of exploits?

See the underground prices here!