Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Adobe Flash Player 11.7.700.269
Adobe Flash Player 13.0.0.292
Adobe Flash Player 11.7.700.202
Adobe Flash Player 11.7.700.252
Adobe Flash Player 11.7.700.257
Adobe Flash Player 12.0.0.44
Adobe Flash Player 15.0.0.239
Adobe Flash Player 16.0.0.234
Adobe Flash Player 16.0.0.257
Adobe Flash Player 13.0.0.214
Adobe Flash Player 13.0.0.223
Adobe Flash Player 13.0.0.231
Adobe Flash Player 11.7.700.203
Adobe Flash Player 11.7.700.224
Adobe Flash Player 13.0.0.264
Adobe Flash Player 12.0.0.43
Adobe Flash Player 11.4.402.287
Adobe Flash Player 13.0.0.262
Adobe Flash Player 11.7.700.225
Adobe Flash Player 13.0.0.201
Adobe Flash Player 13.0.0.260
Adobe Flash Player 13.0.0.258
Adobe Flash Player 11.5.502.146
Adobe Flash Player 11.7.700.260
Adobe Flash Player 11.7.700.242
Adobe Flash Player 14.0.0.125
Adobe Flash Player 15.0.0.189
Adobe Flash Player 13.0.0.206
Adobe Flash Player 14.0.0.145
Adobe Flash Player 11.7.700.261
Adobe Flash Player 11.6.602.168
Adobe Flash Player 11.6.602.167
Adobe Flash Player 13.0.0.250
Adobe Flash Player 11.6.602.171
Adobe Flash Player 13.0.0.182
Adobe Flash Player 11.5.502.136
Adobe Flash Player 11.5.502.110
Adobe Flash Player 11.5.502.135
Adobe Flash Player 11.5.502.149
Adobe Flash Player 11.7.700.169
Adobe Flash Player 11.4.402.278
Adobe Flash Player 12.0.0.77
Adobe Flash Player 12.0.0.70
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| TA11-166A | |||
| http://www.adobe.com/support/security/bulletins/apsb11-1... | |||
| 20110614 Adobe Shockwave 3D Asset DEMX Integer Overflow ... |