cvelistv5 - cve-2010-1289

CVE-2010-1289 (GCVE-0-2010-1289)

Vulnerability from cvelistv5 – Published: 2010-05-13 21:00 – Updated: 2024-08-07 01:21

Summary

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

	http://secunia.com/advisories/38751	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.adobe.com/support/security/bulletins/a…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/40087	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2010/1128	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:21:17.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38751",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38751"
          },
          {
            "name": "oval:org.mitre.oval:def:6652",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
          },
          {
            "name": "40087",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40087"
          },
          {
            "name": "ADV-2010-1128",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1128"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-05-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "38751",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38751"
        },
        {
          "name": "oval:org.mitre.oval:def:6652",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
        },
        {
          "name": "40087",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40087"
        },
        {
          "name": "ADV-2010-1128",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1128"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-1289",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38751",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38751"
            },
            {
              "name": "oval:org.mitre.oval:def:6652",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
            },
            {
              "name": "40087",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40087"
            },
            {
              "name": "ADV-2010-1128",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1128"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2010-1289",
    "datePublished": "2010-05-13T21:00:00",
    "dateReserved": "2010-04-06T00:00:00",
    "dateUpdated": "2024-08-07T01:21:17.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.5.6.606\", \"matchCriteriaId\": \"568143B8-4800-4BCE-86DD-B9E410509C48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA5643BC-12F8-4F05-A363-9FC97EF1DD0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"085FA7DD-8048-4768-816C-82828022FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"966A8542-E5E1-468F-989E-47F71123A426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A77F1733-6755-44E7-8ECC-CFB397FC79A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC55CB2C-4DBC-4D16-96A7-FB3316A21D51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17F5982F-35BD-49A0-9DBE-774816136D57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D18289BB-6568-4671-BC70-C8744DD2E0C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF19CBB1-F047-4472-A19D-48A147396383\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61B9485-2A42-4C95-9A10-3F1102E4EBBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79FEEF7E-B477-485A-B9BC-98F6D1A2B10B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C56F007-5F8E-4BDD-A803-C907BCC0AF55\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74A5F44B-F1F2-4D7F-9F6D-53AE0A192F0A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E33796DB-4523-4F04-B564-ADF030553D51\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3527F41-A6ED-437D-9833-458A2C60C2A3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32623D48-7000-4C7D-823F-7D2A9841D88C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.\"}, {\"lang\": \"es\", \"value\": \"Adobe Shockwave Player en versiones anteriores a la 11.5.7.609 permite a atacantes provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria) o posiblemente ejecutar c\\u00f3digo de su elecci\\u00f3n mediante vectores no especificados, una vulnerabilidad diferente a CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.\"}]",
      "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-12.html\r\n\r\n\u0027Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609\u0027\r\n",
      "id": "CVE-2010-1289",
      "lastModified": "2024-11-21T01:14:03.610",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2010-05-13T21:30:01.627",
      "references": "[{\"url\": \"http://secunia.com/advisories/38751\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-12.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/40087\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1128\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-12.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/40087\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1128\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1289\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2010-05-13T21:30:01.627\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.\"},{\"lang\":\"es\",\"value\":\"Adobe Shockwave Player en versiones anteriores a la 11.5.7.609 permite a atacantes provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados, una vulnerabilidad diferente a CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.5.6.606\",\"matchCriteriaId\":\"568143B8-4800-4BCE-86DD-B9E410509C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA5643BC-12F8-4F05-A363-9FC97EF1DD0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"085FA7DD-8048-4768-816C-82828022FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"966A8542-E5E1-468F-989E-47F71123A426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A77F1733-6755-44E7-8ECC-CFB397FC79A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC55CB2C-4DBC-4D16-96A7-FB3316A21D51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F5982F-35BD-49A0-9DBE-774816136D57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D18289BB-6568-4671-BC70-C8744DD2E0C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF19CBB1-F047-4472-A19D-48A147396383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61B9485-2A42-4C95-9A10-3F1102E4EBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79FEEF7E-B477-485A-B9BC-98F6D1A2B10B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C56F007-5F8E-4BDD-A803-C907BCC0AF55\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74A5F44B-F1F2-4D7F-9F6D-53AE0A192F0A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33796DB-4523-4F04-B564-ADF030553D51\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3527F41-A6ED-437D-9833-458A2C60C2A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32623D48-7000-4C7D-823F-7D2A9841D88C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/38751\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-12.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/40087\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1128\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-12.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/40087\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}],\"evaluatorSolution\":\"Per: http://www.adobe.com/support/security/bulletins/apsb10-12.html\\r\\n\\r\\n\u0027Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609\u0027\\r\\n\"}}"
  }
}

FKIE_CVE-2010-1289

Vulnerability from fkie_nvd - Published: 2010-05-13 21:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@adobe.com	http://secunia.com/advisories/38751	Vendor Advisory
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb10-12.html	Patch, Vendor Advisory
psirt@adobe.com	http://www.securityfocus.com/bid/40087	Third Party Advisory, VDB Entry
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/1128	Patch, Vendor Advisory
psirt@adobe.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38751	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb10-12.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/40087	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1128	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652	Third Party Advisory

Impacted products

Vendor	Product	Version
adobe	shockwave_player	*
adobe	shockwave_player	1.0
adobe	shockwave_player	2.0
adobe	shockwave_player	3.0
adobe	shockwave_player	4.0
adobe	shockwave_player	5.0
adobe	shockwave_player	6.0
adobe	shockwave_player	8.0
adobe	shockwave_player	8.5.1
adobe	shockwave_player	9
adobe	shockwave_player	10.1.0.11
adobe	shockwave_player	11.0.0.456
adobe	shockwave_player	11.5.0.595
adobe	shockwave_player	11.5.0.596
adobe	shockwave_player	11.5.1.601
adobe	shockwave_player	11.5.2.602
apple	macos	*
microsoft	windows	*
adobe	shockwave_player	-
microsoft	windows_7	-
microsoft	windows_server_2003	-
microsoft	windows_server_2008	-
microsoft	windows_vista	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "568143B8-4800-4BCE-86DD-B9E410509C48",
              "versionEndIncluding": "11.5.6.606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA5643BC-12F8-4F05-A363-9FC97EF1DD0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "085FA7DD-8048-4768-816C-82828022FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "966A8542-E5E1-468F-989E-47F71123A426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77F1733-6755-44E7-8ECC-CFB397FC79A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC55CB2C-4DBC-4D16-96A7-FB3316A21D51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F5982F-35BD-49A0-9DBE-774816136D57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18289BB-6568-4671-BC70-C8744DD2E0C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF19CBB1-F047-4472-A19D-48A147396383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61B9485-2A42-4C95-9A10-3F1102E4EBBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FEEF7E-B477-485A-B9BC-98F6D1A2B10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C56F007-5F8E-4BDD-A803-C907BCC0AF55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74A5F44B-F1F2-4D7F-9F6D-53AE0A192F0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3527F41-A6ED-437D-9833-458A2C60C2A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
    },
    {
      "lang": "es",
      "value": "Adobe Shockwave Player en versiones anteriores a la 11.5.7.609 permite a atacantes provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados, una vulnerabilidad diferente a CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
    }
  ],
  "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-12.html\r\n\r\n\u0027Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609\u0027\r\n",
  "id": "CVE-2010-1289",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-05-13T21:30:01.627",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38751"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/40087"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1128"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/40087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-1289

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-1289

Aliases

CVE-2010-1289

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-1289",
    "description": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.",
    "id": "GSD-2010-1289"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-1289"
      ],
      "details": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.",
      "id": "GSD-2010-1289",
      "modified": "2023-12-13T01:21:32.659860Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2010-1289",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "38751",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38751"
          },
          {
            "name": "oval:org.mitre.oval:def:6652",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
          },
          {
            "name": "40087",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/40087"
          },
          {
            "name": "ADV-2010-1128",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/1128"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.5.6.606",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-1289"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2010-1128",
              "refsource": "VUPEN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1128"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
            },
            {
              "name": "38751",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/38751"
            },
            {
              "name": "40087",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/40087"
            },
            {
              "name": "oval:org.mitre.oval:def:6652",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2022-02-28T14:41Z",
      "publishedDate": "2010-05-13T21:30Z"
    }
  }
}

CERTA-2010-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Adobe Shockwave Player permettent à une personne malintentionnée d'exécuter du code arbitraire à distance via Adobe Shockwave Player.

Description

Plusieurs vulnérabilités de type corruption de mémoire, boucle infine ou dépassement de mémoire tampon permettent à une personne distante malintentionnée d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Adobe Shockwave Player versions 11.5.6.606 et antérieures pour Windows et Macintosh.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB10-12 du 11 mai 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eAdobe Shockwave Player versions 11.5.6.606 et ant\u00e9rieures pour  Windows et Macintosh.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de type corruption de m\u00e9moire, boucle infine ou\nd\u00e9passement de m\u00e9moire tampon permettent \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0987"
    },
    {
      "name": "CVE-2010-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1283"
    },
    {
      "name": "CVE-2010-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1292"
    },
    {
      "name": "CVE-2010-1286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1286"
    },
    {
      "name": "CVE-2010-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0129"
    },
    {
      "name": "CVE-2010-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0128"
    },
    {
      "name": "CVE-2010-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1281"
    },
    {
      "name": "CVE-2010-1288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1288"
    },
    {
      "name": "CVE-2010-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1290"
    },
    {
      "name": "CVE-2010-1282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1282"
    },
    {
      "name": "CVE-2010-1289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1289"
    },
    {
      "name": "CVE-2010-1280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1280"
    },
    {
      "name": "CVE-2010-0986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0986"
    },
    {
      "name": "CVE-2010-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0130"
    },
    {
      "name": "CVE-2010-1287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1287"
    },
    {
      "name": "CVE-2010-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0127"
    },
    {
      "name": "CVE-2010-1291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1291"
    },
    {
      "name": "CVE-2010-1284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1284"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-207",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player permettent \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance via\nAdobe Shockwave Player.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-12 du 11 mai 2010",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
    }
  ]
}

CERTA-2010-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Adobe Shockwave Player permettent à une personne malintentionnée d'exécuter du code arbitraire à distance via Adobe Shockwave Player.

Description

Plusieurs vulnérabilités de type corruption de mémoire, boucle infine ou dépassement de mémoire tampon permettent à une personne distante malintentionnée d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Adobe Shockwave Player versions 11.5.6.606 et antérieures pour Windows et Macintosh.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB10-12 du 11 mai 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eAdobe Shockwave Player versions 11.5.6.606 et ant\u00e9rieures pour  Windows et Macintosh.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de type corruption de m\u00e9moire, boucle infine ou\nd\u00e9passement de m\u00e9moire tampon permettent \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0987"
    },
    {
      "name": "CVE-2010-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1283"
    },
    {
      "name": "CVE-2010-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1292"
    },
    {
      "name": "CVE-2010-1286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1286"
    },
    {
      "name": "CVE-2010-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0129"
    },
    {
      "name": "CVE-2010-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0128"
    },
    {
      "name": "CVE-2010-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1281"
    },
    {
      "name": "CVE-2010-1288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1288"
    },
    {
      "name": "CVE-2010-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1290"
    },
    {
      "name": "CVE-2010-1282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1282"
    },
    {
      "name": "CVE-2010-1289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1289"
    },
    {
      "name": "CVE-2010-1280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1280"
    },
    {
      "name": "CVE-2010-0986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0986"
    },
    {
      "name": "CVE-2010-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0130"
    },
    {
      "name": "CVE-2010-1287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1287"
    },
    {
      "name": "CVE-2010-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0127"
    },
    {
      "name": "CVE-2010-1291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1291"
    },
    {
      "name": "CVE-2010-1284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1284"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-207",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player permettent \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance via\nAdobe Shockwave Player.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-12 du 11 mai 2010",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
    }
  ]
}

GHSA-RCV7-WRR6-XX34

Vulnerability from github – Published: 2022-05-02 06:21 – Updated: 2022-05-02 06:21

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1289"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-05-13T21:30:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.",
  "id": "GHSA-rcv7-wrr6-xx34",
  "modified": "2022-05-02T06:21:10Z",
  "published": "2022-05-02T06:21:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1289"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38751"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/40087"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1128"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201005-0108

Vulnerability from variot - Updated: 2023-12-18 12:11

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291. Adobe Shockwave Player is prone to an unspecified remote code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Shockwave Player 11.5.6.606 and prior are vulnerable. NOTE: This issue was previously discussed in BID 40066 (Adobe Shockwave Player APSB10-12 Multiple Remote Vulnerabilities) but has been given its own record to better document it. These people now have access to some of the best the Web has to offer - including dazzling 3D games and entertainment, interactive product demonstrations, and online learning applications. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers.

--------------------------------------------------------------------------------

(f94.ae4): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=20a0a0a0 ebx=207d004c ecx=00000400 edx=41414140 esi=00000000 edi=a80487d8 eip=68008bd6 esp=0012de4c ebp=00000400 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00050206 *** WARNING: Unable to verify checksum for C:\Program Files\Adobe\Adobe Director 11\DIRAPI.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for DIRAPI.dll - DIRAPI!Ordinal14+0x3b16: 68008bd6 2b4f04 sub ecx,dword ptr [edi+4] ds:0023:a80487dc=???????? ----------------------- EAX FFFFFFFF ECX 41414141 EDX FFFFFFFF EBX 00000018 ESP 0012F3B4 EBP 02793578 ESI 0012F3C4 EDI 02793578 EIP 69009F1F IML32.69009F1F
--------------------------------------------------------------------------------

Tested on: Microsoft Windows XP Professional SP3 (English). ----------------------------------------------------------------------

Looking for a job?

Secunia is hiring skilled researchers and talented developers.

1) A boundary error while processing FFFFFF45h Shockwave 3D blocks can be exploited to corrupt memory.

2) A signedness error in the processing of Director files can be exploited to corrupt memory.

3) An array indexing error when processing Director files can be exploited to corrupt memory.

4) An integer overflow error when processing Director files can be exploited to corrupt memory.

5) An error when processing asset entries contained in Director files can be exploited to corrupt memory.

6) A boundary error when processing embedded fonts can be exploited to cause a heap-based buffer overflow via a specially crafted Director file.

7) An error when processing Director files can be exploited to overwrite 4 bytes of memory.

8) An error in the implementation of ordinal function 1409 in iml32.dll can be exploited to corrupt heap memory via a specially crafted Director file.

9) An error when processing a 4-byte field inside FFFFFF49h Shockwave 3D blocks can be exploited to corrupt heap memory.

10) An unspecified error can be exploited to corrupt memory.

11) A second unspecified error can be exploited to corrupt memory.

12) A third unspecified error can be exploited to corrupt memory.

13) A fourth unspecified error can be exploited to cause a buffer overflow.

14) A fifth unspecified error can be exploited to corrupt memory.

15) A sixth unspecified error can be exploited to corrupt memory.

16) A seventh unspecified error can be exploited to corrupt memory.

17) An error when processing signed values encountered while parsing "pami" RIFF chunks can be exploited to corrupt memory.

The vulnerabilities are reported in versions 11.5.6.606 and prior on Windows and Macintosh.

SOLUTION: Update to version 11.5.7.609. http://get.adobe.com/shockwave/

PROVIDED AND/OR DISCOVERED BY: 1-6) Alin Rad Pop, Secunia Research

The vendor also credits: 2) Nahuel Riva of Core Security Technologies. 3) Chaouki Bekrar of Vupen, Code Audit Labs, and an anonymous person working with iDefense. 7) Chaouki Bekrar and Sebastien Renaud of Vupen, Code Audit Labs, Gjoko Krstic of Zero Science Lab, and Chro HD of Fortinet's FortiGuard Labs. 8, 17) an anonymous person working with ZDI. 9) Chaouki Bekrar of Vupen and an anonymous person working with ZDI. 10) Chaouki Bekrar of Vupen. 11-16) Chro HD of Fortinet's FortiGuard Labs.

CHANGELOG: 2010-05-12: Updated "Extended Description" and added PoCs for vulnerabilities #2, #3, #4, and #6.

ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb10-12.html

Secunia Research: http://secunia.com/secunia_research/2010-17/ http://secunia.com/secunia_research/2010-19/ http://secunia.com/secunia_research/2010-20/ http://secunia.com/secunia_research/2010-22/ http://secunia.com/secunia_research/2010-34/ http://secunia.com/secunia_research/2010-50/

ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-087/ http://www.zerodayinitiative.com/advisories/ZDI-10-088/ http://www.zerodayinitiative.com/advisories/ZDI-10-089/

iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869

Code Audit Labs: http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0137.html http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0138.html http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.html

Zero Science Lab: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.php

Core Security Technologies: http://www.coresecurity.com/content/adobe-director-invalid-read

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201005-0108",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "shockwave player",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "adobe",
        "version": "11.5.6.606"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "4.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "10.1.0.11"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "1.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "2.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "8.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "5.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "8.5.1"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "9"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "6.0"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "adobe",
        "version": "11.5.2.602"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "adobe",
        "version": "11.5.1.601"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.5.0.596"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.0.456"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": null
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.5.0.595"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.6.606"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.2.606"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.601"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.600"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.596"
      },
      {
        "model": "shockwave player",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.5.7.609"
      },
      {
        "model": "shockwave player",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "adobe incorporated",
        "version": "11.5.6.606"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.5.6.606",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Chro HD of Fortinet\u0027s FortiGuard Labs.",
    "sources": [
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2010-1289",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2010-1289",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-43894",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-1289",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201005-212",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2010-4937",
            "trust": 0.1,
            "value": "(4/5)"
          },
          {
            "author": "VULHUB",
            "id": "VHN-43894",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291. Adobe Shockwave Player is prone to an unspecified remote code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. \nAdobe Shockwave Player 11.5.6.606 and prior are vulnerable. \nNOTE: This issue was previously discussed in BID 40066 (Adobe Shockwave Player APSB10-12 Multiple Remote Vulnerabilities) but has been given its own record to better document it. \t These people now have access to some of the best the Web has to offer - including\t dazzling 3D games and entertainment, interactive product demonstrations, and online\t learning applications. The vulnerable software fails to sanitize user input when      processing .dir files resulting in a crash and overwrite of a few memory registers.\u003cbr/\u003e\u003cbr/\u003e      --------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003e\u003ccode\u003e (f94.ae4): Access violation - code c0000005 (first chance)\u003cbr/\u003e First chance exceptions are reported before any exception handling.\u003cbr/\u003e This exception may be expected and handled.\u003cbr/\u003e eax=20a0a0a0 ebx=207d004c ecx=00000400 edx=41414140 esi=00000000 edi=a80487d8\u003cbr/\u003e eip=68008bd6 esp=0012de4c ebp=00000400 iopl=0         nv up ei pl nz na pe nc\u003cbr/\u003e cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00050206\u003cbr/\u003e *** WARNING: Unable to verify checksum for C:\\Program Files\\Adobe\\Adobe Director 11\\DIRAPI.dll\u003cbr/\u003e *** ERROR: Symbol file could not be found.  Defaulted to export symbols for DIRAPI.dll - \u003cbr/\u003e DIRAPI!Ordinal14+0x3b16:\u003cbr/\u003e 68008bd6 2b4f04          sub     ecx,dword ptr [edi+4] ds:0023:a80487dc=????????\u003cbr/\u003e\u003cbr/\u003e-----------------------\u003cbr/\u003e\u003cbr/\u003eEAX FFFFFFFF\u003cbr/\u003eECX 41414141\u003cbr/\u003eEDX FFFFFFFF\u003cbr/\u003eEBX 00000018\u003cbr/\u003eESP 0012F3B4\u003cbr/\u003eEBP 02793578\u003cbr/\u003eESI 0012F3C4\u003cbr/\u003eEDI 02793578\u003cbr/\u003eEIP 69009F1F IML32.69009F1F\u003cbr/\u003e\u003c/code\u003e\u003cbr/\u003e--------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003eTested on: Microsoft Windows XP Professional SP3 (English). ----------------------------------------------------------------------\n\n\nLooking for a job?\n\n\nSecunia is hiring skilled researchers and talented developers. \n\n1) A boundary error while processing FFFFFF45h Shockwave 3D blocks\ncan be exploited to corrupt memory. \n\n2) A signedness error in the processing of Director files can be\nexploited to corrupt memory. \n\n3) An array indexing error when processing Director files can be\nexploited to corrupt memory. \n\n4) An integer overflow error when processing Director files can be\nexploited to corrupt memory. \n\n5) An error when processing asset entries contained in Director files\ncan be exploited to corrupt memory. \n\n6) A boundary error when processing embedded fonts can be exploited\nto cause a heap-based buffer overflow via a specially crafted\nDirector file. \n\n7) An error when processing Director files can be exploited to\noverwrite 4 bytes of memory. \n\n8) An error in the implementation of ordinal function 1409 in\niml32.dll can be exploited to corrupt heap memory via a specially\ncrafted Director file. \n\n9) An error when processing a 4-byte field inside FFFFFF49h Shockwave\n3D blocks can be exploited to corrupt heap memory. \n\n10) An unspecified error can be exploited to corrupt memory. \n\n11) A second unspecified error can be exploited to corrupt memory. \n\n12) A third unspecified error can be exploited to corrupt memory. \n\n13) A fourth unspecified error can be exploited to cause a buffer\noverflow. \n\n14) A fifth unspecified error can be exploited to corrupt memory. \n\n15) A sixth unspecified error can be exploited to corrupt memory. \n\n16) A seventh unspecified error can be exploited to corrupt memory. \n\n17) An error when processing signed values encountered while parsing\n\"pami\" RIFF chunks can be exploited to corrupt memory. \n\nThe vulnerabilities are reported in versions 11.5.6.606 and prior on\nWindows and Macintosh. \n\nSOLUTION:\nUpdate to version 11.5.7.609. \nhttp://get.adobe.com/shockwave/\n\nPROVIDED AND/OR DISCOVERED BY:\n1-6) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n2) Nahuel Riva of Core Security Technologies. \n3) Chaouki Bekrar of Vupen, Code Audit Labs, and an anonymous person\nworking with iDefense. \n7) Chaouki Bekrar and Sebastien Renaud of Vupen, Code Audit Labs,\nGjoko Krstic of Zero Science Lab, and Chro HD of Fortinet\u0027s\nFortiGuard Labs. \n8, 17) an anonymous person working with ZDI. \n9) Chaouki Bekrar of Vupen and an anonymous person working with ZDI. \n10) Chaouki Bekrar of Vupen. \n11-16) Chro HD of Fortinet\u0027s FortiGuard Labs. \n\nCHANGELOG:\n2010-05-12: Updated \"Extended Description\" and added PoCs for\nvulnerabilities #2, #3, #4, and #6. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/bulletins/apsb10-12.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2010-17/\nhttp://secunia.com/secunia_research/2010-19/\nhttp://secunia.com/secunia_research/2010-20/\nhttp://secunia.com/secunia_research/2010-22/\nhttp://secunia.com/secunia_research/2010-34/\nhttp://secunia.com/secunia_research/2010-50/\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-087/\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-088/\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-089/\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869\n\nCode Audit Labs:\nhttp://archives.neohapsis.com/archives/fulldisclosure/2010-05/0137.html\nhttp://archives.neohapsis.com/archives/fulldisclosure/2010-05/0138.html\nhttp://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.html\n\nZero Science Lab:\nhttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.php\n\nCore Security Technologies:\nhttp://www.coresecurity.com/content/adobe-director-invalid-read\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "PACKETSTORM",
        "id": "89462"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/shockwave_mem.txt",
        "trust": 0.1,
        "type": "poc"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "38751",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "40087",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289",
        "trust": 2.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-1128",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212",
        "trust": 0.7
      },
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937",
        "trust": 0.3
      },
      {
        "db": "XF",
        "id": "58447",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "12578",
        "trust": 0.1
      },
      {
        "db": "BID",
        "id": "40081",
        "trust": 0.1
      },
      {
        "db": "OSVDB",
        "id": "64646",
        "trust": 0.1
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2010.0436",
        "trust": 0.1
      },
      {
        "db": "SECTRACK",
        "id": "1023980",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-10-087",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-10-089",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-10-088",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "89462",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "PACKETSTORM",
        "id": "89462"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "id": "VAR-201005-0108",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:11:17.754000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APSB10-12",
        "trust": 0.8,
        "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
      },
      {
        "title": "APSB10-12",
        "trust": 0.8,
        "url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-12.html"
      },
      {
        "title": "Adobe Shockwave Player version 11.5.7.609",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3594"
      },
      {
        "title": "Adobe Shockwave Player version 11.5.7.609",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=4082"
      },
      {
        "title": "Adobe Shockwave Player version 11.5.7.609",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=4081"
      },
      {
        "title": "Adobe Shockwave Player version 11.5.7.609",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=4080"
      },
      {
        "title": "Shockwave 11.5.7.609 for Mac Slim",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3595"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.vupen.com/english/advisories/2010/1128"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/40087"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/38751"
      },
      {
        "trust": 2.2,
        "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
      },
      {
        "trust": 1.7,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6652"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1289"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1289"
      },
      {
        "trust": 0.3,
        "url": "http://www.adobe.com"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/38751/"
      },
      {
        "trust": 0.1,
        "url": "http://packetstormsecurity.org/filedesc/zsl-2010-4937.txt.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.qualys.com/research/alerts/view.php/2010-05-11-2"
      },
      {
        "trust": 0.1,
        "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1280"
      },
      {
        "trust": 0.1,
        "url": "http://www.exploit-db.com/exploits/12578"
      },
      {
        "trust": 0.1,
        "url": "http://www.securityfocus.com/bid/40081"
      },
      {
        "trust": 0.1,
        "url": "http://www.0daynet.com/2010/0512/335.html"
      },
      {
        "trust": 0.1,
        "url": "http://securityreason.com/exploitalert/8249"
      },
      {
        "trust": 0.1,
        "url": "http://forums.cnet.com/5208-6132_102-0.html?messageid=3303052"
      },
      {
        "trust": 0.1,
        "url": "http://news.dreamings.org/?p=1050"
      },
      {
        "trust": 0.1,
        "url": "http://securitytracker.com/alerts/2010/may/1023980.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.auscert.org.au/render.html?it=12789"
      },
      {
        "trust": 0.1,
        "url": "http://securityvulns.ru/xdocument830.html"
      },
      {
        "trust": 0.1,
        "url": "http://xforce.iss.net/xforce/xfdb/58447"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/show/osvdb/64646"
      },
      {
        "trust": 0.1,
        "url": "http://www.nessus.org/plugins/index.php?view=single\u0026amp;id=46329"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-19/"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-10-089/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0138.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-17/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-10-087/"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0139.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-34/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-10-088/"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0137.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-22/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-50/"
      },
      {
        "trust": 0.1,
        "url": "http://get.adobe.com/shockwave/"
      },
      {
        "trust": 0.1,
        "url": "http://www.coresecurity.com/content/adobe-director-invalid-read"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2010-20/"
      },
      {
        "trust": 0.1,
        "url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2010-4937.php"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "PACKETSTORM",
        "id": "89462"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "db": "BID",
        "id": "40087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "db": "PACKETSTORM",
        "id": "89462"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-05-11T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "date": "2010-05-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "date": "2010-05-11T00:00:00",
        "db": "BID",
        "id": "40087"
      },
      {
        "date": "2010-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "date": "2010-05-13T07:29:48",
        "db": "PACKETSTORM",
        "id": "89462"
      },
      {
        "date": "2010-05-13T21:30:01.627000",
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "date": "2010-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-06T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2010-4937"
      },
      {
        "date": "2017-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-43894"
      },
      {
        "date": "2010-05-12T16:02:00",
        "db": "BID",
        "id": "40087"
      },
      {
        "date": "2010-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      },
      {
        "date": "2022-02-28T14:41:36.190000",
        "db": "NVD",
        "id": "CVE-2010-1289"
      },
      {
        "date": "2021-09-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Adobe Shockwave Player Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001487"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201005-212"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-1289 (GCVE-0-2010-1289)

FKIE_CVE-2010-1289

GSD-2010-1289

CERTA-2010-AVI-207

Description

Solution

CERTA-2010-AVI-207

Description

Solution

GHSA-RCV7-WRR6-XX34

VAR-201005-0108

Tags

Sightings

Nomenclature