CVE-2005-3525

Sažetak

Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.

Reference

http://secunia.com/advisories/19009
http://securityreason.com/securityalert/481
http://securitytracker.com/id?1015673
http://www.kb.cert.org/vuls/id/437212
http://www.macromedia.com/devnet/security/security_zone/apsb06-02.html
http://www.osvdb.org/23461
http://www.securityfocus.com/archive/1/425900/100/0/threaded
http://www.securityfocus.com/bid/16791
http://www.vupen.com/english/advisories/2006/0716
http://www.zerodayinitiative.com/advisories/ZDI-06-002.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/24914

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-10-2018 - 15:36

Objavljeno

31-12-2005 - 05:00