Macromedia » Shockwave : Security Vulnerabilities, CVEs,
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.
Max CVSS
7.5
EPSS Score
92.93%
Published
2007-03-10
Updated
2017-10-11
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
Max CVSS
4.3
EPSS Score
15.03%
Published
2006-12-31
Updated
2017-10-19
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
Max CVSS
5.0
EPSS Score
0.30%
Published
2003-04-22
Updated
2008-09-05
3 vulnerabilities found