Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player

Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player

CVE-2010-4089 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087.

Learn more about our Web Application Penetration Testing UK.