{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html"}, {"name": "adobe-shockwave-rcsl-code-exec(62688)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688"}, {"tags": ["x_refsource_MISC"], "url": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/"}, {"name": "15296", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/15296"}, {"name": "VU#402231", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/402231"}, {"name": "oval:org.mitre.oval:def:11285", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285"}, {"name": "44291", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/44291"}, {"name": "1024635", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024635"}, {"name": "ADV-2010-2752", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/2752"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2010-3653", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.adobe.com/support/security/bulletins/apsb10-25.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html"}, {"name": "adobe-shockwave-rcsl-code-exec(62688)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688"}, {"name": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/", "refsource": "MISC", "url": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/"}, {"name": "15296", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/15296"}, {"name": "VU#402231", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/402231"}, {"name": "oval:org.mitre.oval:def:11285", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285"}, {"name": "44291", "refsource": "BID", "url": "http://www.securityfocus.com/bid/44291"}, {"name": "1024635", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024635"}, {"name": "ADV-2010-2752", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2752"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:18:53.097Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html"}, {"name": "adobe-shockwave-rcsl-code-exec(62688)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/"}, {"name": "15296", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/15296"}, {"name": "VU#402231", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/402231"}, {"name": "oval:org.mitre.oval:def:11285", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285"}, {"name": "44291", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/44291"}, {"name": "1024635", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024635"}, {"name": "ADV-2010-2752", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/2752"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2010-3653", "datePublished": "2010-10-26T17:00:00", "dateReserved": "2010-09-28T00:00:00", "dateUpdated": "2024-08-07T03:18:53.097Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D71F810E-F23E-45FF-94F9-14D09490D018", "versionEndIncluding": "11.5.8.612", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA5643BC-12F8-4F05-A363-9FC97EF1DD0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "085FA7DD-8048-4768-816C-82828022FCF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "966A8542-E5E1-468F-989E-47F71123A426", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "A77F1733-6755-44E7-8ECC-CFB397FC79A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "matchCriteriaId": "9282EC1A-DFDB-49A9-8BE1-013D9B494D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "matchCriteriaId": "C4A8422D-39E4-490C-B3EC-FED7468D6B4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "matchCriteriaId": "88A75AF4-F7BA-4CA4-8079-5D9794E1BD45", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "matchCriteriaId": "712325E1-B37A-4994-B42E-F02553A3CB9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC55CB2C-4DBC-4D16-96A7-FB3316A21D51", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "matchCriteriaId": "FADB5808-5F9A-4FBD-A6FC-3DB17A6C6CF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "matchCriteriaId": "BFC415B5-F7C8-4277-A4A3-ECFA2CB38515", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "matchCriteriaId": "3454FF46-3D72-4FF9-AF5B-2E948DA412D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "matchCriteriaId": "E4726504-850B-4434-A149-09000D21F917", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "matchCriteriaId": "C6D89450-C92C-4541-917B-AD047803A2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "matchCriteriaId": "798EB26B-14D6-4E90-AC84-FF47B89B82E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "matchCriteriaId": "CA562619-7FAA-4FA6-AE42-55801AF00D9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "matchCriteriaId": "BA961FB2-C543-4A1C-9C9E-C56641EB13FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "matchCriteriaId": "56D23F59-4939-4ABE-A5BC-283BFC362E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "matchCriteriaId": "DE1DB962-10C6-4536-B693-4AF59F0C4D94", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "matchCriteriaId": "FA60B4FB-2BA4-4304-A7B8-8F0676C4F022", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "matchCriteriaId": "F7D6B993-1CF8-4944-8456-B99A72F24814", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "D18289BB-6568-4671-BC70-C8744DD2E0C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "matchCriteriaId": "AD29AACC-E101-494B-BFD4-D97FDBE4A584", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "matchCriteriaId": "3F52120E-9CAB-40D9-A577-5D8278139F50", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "matchCriteriaId": "AAB05A7D-3017-4589-AE5C-B1A377AF02B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "matchCriteriaId": "58C665F7-E05D-4A8C-B217-6689C95D3FF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "matchCriteriaId": "8441B2BB-3837-4EDE-B44E-323B434CBF56", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "matchCriteriaId": "2007F032-06BA-4347-9D9E-2C7C4C9BBCD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "matchCriteriaId": "BF19CBB1-F047-4472-A19D-48A147396383", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "matchCriteriaId": "C51EB3CF-6770-4626-BDA7-9ED94A374911", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "matchCriteriaId": "C61B9485-2A42-4C95-9A10-3F1102E4EBBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "matchCriteriaId": "79FEEF7E-B477-485A-B9BC-98F6D1A2B10B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "matchCriteriaId": "E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "matchCriteriaId": "4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "matchCriteriaId": "9FBAFFFF-D658-45F0-AF14-BA29AA2D5394", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "matchCriteriaId": "7BFB28F3-ADA5-4BD1-9723-73FA291307BD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "El m\u00f3dulo Director (biblioteca dirapi.dll) en Shockwave Player de Adobe anterior a versi\u00f3n 11.5.9.615, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) por medio de una pel\u00edcula de Director con un fragmento rcsL dise\u00f1ado que contiene un campo cuyo valor se utiliza como un desplazamiento de puntero, como se explot\u00f3 \u201cin the wild\u201d en octubre de 2010. NOTA: algunos de estos datos se obtienen de la informaci\u00f3n de terceros."}], "id": "CVE-2010-3653", "lastModified": "2017-09-19T01:31:30.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-10-26T18:00:01.597", "references": [{"source": "psirt@adobe.com", "url": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/"}, {"source": "psirt@adobe.com", "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html"}, {"source": "psirt@adobe.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/15296"}, {"source": "psirt@adobe.com", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/402231"}, {"source": "psirt@adobe.com", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/44291"}, {"source": "psirt@adobe.com", "url": "http://www.securitytracker.com/id?1024635"}, {"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/2752"}, {"source": "psirt@adobe.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688"}, {"source": "psirt@adobe.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}