cpe:/a:adobe:shockwave_player:1.0 cpe:/a:adobe:shockwave_player:2.0 cpe:/a:adobe:shockwave_player:3.0 cpe:/a:adobe:shockwave_player:4.0 cpe:/a:adobe:shockwave_player:5.0 cpe:/a:adobe:shockwave_player:6.0 cpe:/a:adobe:shockwave_player:8.0 cpe:/a:adobe:shockwave_player:8.0.196 cpe:/a:adobe:shockwave_player:8.0.196a cpe:/a:adobe:shockwave_player:8.0.204 cpe:/a:adobe:shockwave_player:8.0.205 cpe:/a:adobe:shockwave_player:8.5.1 cpe:/a:adobe:shockwave_player:8.5.1.100 cpe:/a:adobe:shockwave_player:8.5.1.103 cpe:/a:adobe:shockwave_player:8.5.1.105 cpe:/a:adobe:shockwave_player:8.5.1.106 cpe:/a:adobe:shockwave_player:8.5.321 cpe:/a:adobe:shockwave_player:8.5.323 cpe:/a:adobe:shockwave_player:8.5.324 cpe:/a:adobe:shockwave_player:8.5.325 cpe:/a:adobe:shockwave_player:9 cpe:/a:adobe:shockwave_player:9.0.383 cpe:/a:adobe:shockwave_player:9.0.432 cpe:/a:adobe:shockwave_player:10.0.0.210 cpe:/a:adobe:shockwave_player:10.0.1.004 cpe:/a:adobe:shockwave_player:10.1.0.11 cpe:/a:adobe:shockwave_player:10.1.1.016 cpe:/a:adobe:shockwave_player:10.1.4.020 cpe:/a:adobe:shockwave_player:10.2.0.021 cpe:/a:adobe:shockwave_player:10.2.0.022 cpe:/a:adobe:shockwave_player:10.2.0.023 cpe:/a:adobe:shockwave_player:11.0.0.456 cpe:/a:adobe:shockwave_player:11.0.3.471 cpe:/a:adobe:shockwave_player:11.5.0.595 cpe:/a:adobe:shockwave_player:11.5.0.596 cpe:/a:adobe:shockwave_player:11.5.1.601 cpe:/a:adobe:shockwave_player:11.5.2.602 cpe:/a:adobe:shockwave_player:11.5.6.606 cpe:/a:adobe:shockwave_player:11.5.7.609 cpe:/a:adobe:shockwave_player:11.5.8.612 cpe:/a:adobe:shockwave_player:11.5.9.615 CVE-2010-4188 2011-02-10T11:00:12.863-05:00 2011-02-17T00:00:00.000-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2011-02-10T11:59:00.000-05:00 SECTRACK 1025056 BUGTRAQ 20110209 TPTI-11-01: Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability BID 46319 VUPEN ADV-2011-0335 MISC http://dvlabs.tippingpoint.com/advisory/TPTI-11-01 CONFIRM http://www.adobe.com/support/security/bulletins/apsb11-01.html The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588.