cpe:/a:adobe:shockwave_player:1.0 cpe:/a:adobe:shockwave_player:2.0 cpe:/a:adobe:shockwave_player:3.0 cpe:/a:adobe:shockwave_player:4.0 cpe:/a:adobe:shockwave_player:5.0 cpe:/a:adobe:shockwave_player:6.0 cpe:/a:adobe:shockwave_player:8.0 cpe:/a:adobe:shockwave_player:8.0.196 cpe:/a:adobe:shockwave_player:8.0.196a cpe:/a:adobe:shockwave_player:8.0.204 cpe:/a:adobe:shockwave_player:8.0.205 cpe:/a:adobe:shockwave_player:8.5.1 cpe:/a:adobe:shockwave_player:8.5.1.100 cpe:/a:adobe:shockwave_player:8.5.1.103 cpe:/a:adobe:shockwave_player:8.5.1.105 cpe:/a:adobe:shockwave_player:8.5.1.106 cpe:/a:adobe:shockwave_player:8.5.321 cpe:/a:adobe:shockwave_player:8.5.323 cpe:/a:adobe:shockwave_player:8.5.324 cpe:/a:adobe:shockwave_player:8.5.325 cpe:/a:adobe:shockwave_player:9 cpe:/a:adobe:shockwave_player:9.0.383 cpe:/a:adobe:shockwave_player:9.0.432 cpe:/a:adobe:shockwave_player:10.0.0.210 cpe:/a:adobe:shockwave_player:10.0.1.004 cpe:/a:adobe:shockwave_player:10.1.0.11 cpe:/a:adobe:shockwave_player:10.1.1.016 cpe:/a:adobe:shockwave_player:10.1.4.020 cpe:/a:adobe:shockwave_player:10.2.0.021 cpe:/a:adobe:shockwave_player:10.2.0.022 cpe:/a:adobe:shockwave_player:10.2.0.023 cpe:/a:adobe:shockwave_player:11.0.0.456 cpe:/a:adobe:shockwave_player:11.0.3.471 cpe:/a:adobe:shockwave_player:11.5.0.595 cpe:/a:adobe:shockwave_player:11.5.0.596 cpe:/a:adobe:shockwave_player:11.5.1.601 cpe:/a:adobe:shockwave_player:11.5.2.602 cpe:/a:adobe:shockwave_player:11.5.6.606 cpe:/a:adobe:shockwave_player:11.5.7.609 CVE-2010-2873 2010-08-26T17:00:02.090-04:00 2017-09-18T21:31:08.660-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-08-27T14:44:00.000-04:00 SECTRACK 1024361 BUGTRAQ 20100824 ZDI-10-162: Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability BID 42682 VUPEN ADV-2010-2176 CONFIRM http://www.adobe.com/support/security/bulletins/apsb10-20.html MISC http://www.zerodayinitiative.com/advisories/ZDI-10-162 Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.