{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-08T00:00:00", "descriptions": [{"lang": "en", "value": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds \"seek\" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-080/"}, {"name": "ADV-2011-0335", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0335"}, {"name": "20110209 ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516324/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"}, {"name": "46324", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46324"}, {"name": "1025056", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025056"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2010-4190", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds \"seek\" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-080/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-080/"}, {"name": "ADV-2011-0335", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0335"}, {"name": "20110209 ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516324/100/0/threaded"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb11-01.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"}, {"name": "46324", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46324"}, {"name": "1025056", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025056"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:34:37.568Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-080/"}, {"name": "ADV-2011-0335", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0335"}, {"name": "20110209 ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516324/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"}, {"name": "46324", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46324"}, {"name": "1025056", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1025056"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2010-4190", "datePublished": "2011-02-10T15:00:00", "dateReserved": "2010-11-05T00:00:00", "dateUpdated": "2024-08-07T03:34:37.568Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "1601F8CE-9D13-473A-AABA-C76C96C87679", "versionEndIncluding": "11.5.9.615", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA5643BC-12F8-4F05-A363-9FC97EF1DD0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "085FA7DD-8048-4768-816C-82828022FCF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "966A8542-E5E1-468F-989E-47F71123A426", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "A77F1733-6755-44E7-8ECC-CFB397FC79A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*", "matchCriteriaId": "9282EC1A-DFDB-49A9-8BE1-013D9B494D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*", "matchCriteriaId": "C4A8422D-39E4-490C-B3EC-FED7468D6B4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*", "matchCriteriaId": "88A75AF4-F7BA-4CA4-8079-5D9794E1BD45", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*", "matchCriteriaId": "712325E1-B37A-4994-B42E-F02553A3CB9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC55CB2C-4DBC-4D16-96A7-FB3316A21D51", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*", "matchCriteriaId": "FADB5808-5F9A-4FBD-A6FC-3DB17A6C6CF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*", "matchCriteriaId": "BFC415B5-F7C8-4277-A4A3-ECFA2CB38515", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*", "matchCriteriaId": "3454FF46-3D72-4FF9-AF5B-2E948DA412D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*", "matchCriteriaId": "E4726504-850B-4434-A149-09000D21F917", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*", "matchCriteriaId": "C6D89450-C92C-4541-917B-AD047803A2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*", "matchCriteriaId": "798EB26B-14D6-4E90-AC84-FF47B89B82E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*", "matchCriteriaId": "CA562619-7FAA-4FA6-AE42-55801AF00D9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*", "matchCriteriaId": "BA961FB2-C543-4A1C-9C9E-C56641EB13FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*", "matchCriteriaId": "17F5982F-35BD-49A0-9DBE-774816136D57", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*", "matchCriteriaId": "56D23F59-4939-4ABE-A5BC-283BFC362E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*", "matchCriteriaId": "DE1DB962-10C6-4536-B693-4AF59F0C4D94", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*", "matchCriteriaId": "FA60B4FB-2BA4-4304-A7B8-8F0676C4F022", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*", "matchCriteriaId": "F7D6B993-1CF8-4944-8456-B99A72F24814", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "D18289BB-6568-4671-BC70-C8744DD2E0C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*", "matchCriteriaId": "AD29AACC-E101-494B-BFD4-D97FDBE4A584", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*", "matchCriteriaId": "3F52120E-9CAB-40D9-A577-5D8278139F50", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*", "matchCriteriaId": "AAB05A7D-3017-4589-AE5C-B1A377AF02B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*", "matchCriteriaId": "58C665F7-E05D-4A8C-B217-6689C95D3FF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*", "matchCriteriaId": "8441B2BB-3837-4EDE-B44E-323B434CBF56", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*", "matchCriteriaId": "2007F032-06BA-4347-9D9E-2C7C4C9BBCD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*", "matchCriteriaId": "BF19CBB1-F047-4472-A19D-48A147396383", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*", "matchCriteriaId": "C51EB3CF-6770-4626-BDA7-9ED94A374911", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*", "matchCriteriaId": "C61B9485-2A42-4C95-9A10-3F1102E4EBBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*", "matchCriteriaId": "79FEEF7E-B477-485A-B9BC-98F6D1A2B10B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*", "matchCriteriaId": "E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*", "matchCriteriaId": "4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*", "matchCriteriaId": "9FBAFFFF-D658-45F0-AF14-BA29AA2D5394", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*", "matchCriteriaId": "7BFB28F3-ADA5-4BD1-9723-73FA291307BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*", "matchCriteriaId": "9760A554-1D44-4249-97DE-8423A97BA9FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds \"seek\" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306."}, {"lang": "es", "value": "Adobe Shockwave Player en versiones anteriores a la 11.5.9.620 permite que los atacantes ejecuten c\u00f3digo arbitrario o provoquen una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) mediante una pel\u00edcula Director con un fragmento RIFF CSWV que provoca un c\u00e1lculo incorrecto de un desplazamiento para una subestructura, lo que provoca un \"seek\" fuera de l\u00edmites de la memoria din\u00e1mica (heap). Esta vulnerabilidad es diferente de CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192 y CVE-2010-4306."}], "id": "CVE-2010-4190", "lastModified": "2018-10-11T21:01:58.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-02-10T16:00:12.940", "references": [{"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"}, {"source": "psirt@adobe.com", "url": "http://www.securityfocus.com/archive/1/516324/100/0/threaded"}, {"source": "psirt@adobe.com", "url": "http://www.securityfocus.com/bid/46324"}, {"source": "psirt@adobe.com", "url": "http://www.securitytracker.com/id?1025056"}, {"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0335"}, {"source": "psirt@adobe.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-080/"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}