Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player

Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player

CVE-2010-4087 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with a crafted mmap record containing an invalid length of a VSWV entry, a different vulnerability than CVE-2010-4089.

Learn more about our Web Application Penetration Testing UK.