The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
2010-05-13T17:30:02.157
2025-04-11T00:51:21.963
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | shockwave_player | ≤ 11.5.6.606 | Yes |
| Application | adobe | shockwave_player | 1.0 | Yes |
| Application | adobe | shockwave_player | 2.0 | Yes |
| Application | adobe | shockwave_player | 3.0 | Yes |
| Application | adobe | shockwave_player | 4.0 | Yes |
| Application | adobe | shockwave_player | 5.0 | Yes |
| Application | adobe | shockwave_player | 6.0 | Yes |
| Application | adobe | shockwave_player | 8.0 | Yes |
| Application | adobe | shockwave_player | 8.5.1 | Yes |
| Application | adobe | shockwave_player | 9 | Yes |
| Application | adobe | shockwave_player | 10.1.0.11 | Yes |
| Application | adobe | shockwave_player | 11.0.0.456 | Yes |
| Application | adobe | shockwave_player | 11.5.0.595 | Yes |
| Application | adobe | shockwave_player | 11.5.0.596 | Yes |
| Application | adobe | shockwave_player | 11.5.1.601 | Yes |
| Application | adobe | shockwave_player | 11.5.2.602 | Yes |
| Operating System | apple | macos | * | No |
| Operating System | microsoft | windows | * | No |
| Application | adobe | shockwave_player | - | Yes |
| Operating System | microsoft | windows_7 | - | No |
| Operating System | microsoft | windows_server_2003 | - | No |
| Operating System | microsoft | windows_server_2008 | - | No |
| Operating System | microsoft | windows_vista | - | No |