|Date: (C)2011-06-16 (M)2017-12-09|| |
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 126.96.36.1996 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.
|CVSS Score: 9.3||Access Vector: NETWORK|
|Exploit Score: 8.6||Access Complexity: MEDIUM|
|Impact Score: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|