Filtered by vendor Adobe
Subscribe
Total
4695 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0736 | 1 Adobe | 1 Coldfusion | 2011-11-07 | 4.3 MEDIUM | N/A |
| ** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes the significance of this issue because the Site-wide Error Handler and Debug Output Settings sections of the ColdFusion Lockdown guide explain the requirement for settings that prevent this information disclosure. | |||||
| CVE-2011-0737 | 1 Adobe | 1 Coldfusion | 2011-11-07 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the vendor disputes the significance of this issue because the Site-wide Error Handler and Debug Output Settings sections of the ColdFusion Lockdown guide explain the requirement for settings that prevent this information disclosure. | |||||
| CVE-2011-0734 | 1 Adobe | 1 Coldfusion | 2011-11-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack. NOTE: this was originally reported as affecting 9.0.1 CHF1 and earlier. | |||||
| CVE-2011-2115 | 1 Adobe | 1 Shockwave Player | 2011-10-11 | 9.3 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116. | |||||
| CVE-2011-2123 | 1 Adobe | 1 Shockwave Player | 2011-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow. | |||||
| CVE-2011-2419 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2420 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2421 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file. | |||||
| CVE-2011-2422 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
| Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2109 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2111 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116. | |||||
| CVE-2011-2112 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2113 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2114 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. | |||||
| CVE-2011-2116 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115. | |||||
| CVE-2011-2117 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. | |||||
| CVE-2011-2118 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability." | |||||
| CVE-2011-2119 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122. | |||||
| CVE-2011-2120 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2121 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
| Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||