Vulnerability Name:

CVE-2009-4003 (CCN-55759)

Assigned:2009-11-19
Published:2010-01-19
Updated:2018-10-10
Summary:Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-4003

Source: CCN
Type: SA37888
Adobe Shockwave Player 3D Model Parsing Eight Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
37888

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2009-62/

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2009-63/

Source: CCN
Type: Secunia Research 20/01/2010
Adobe Shockwave Player Integer Overflow Vulnerability

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2010-1/

Source: CCN
Type: SECTRACK ID: 1023481
Adobe Shockwave Integer Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1023481

Source: CCN
Type: Adobe Product Security Bulletin APSB10-03
Security update available for Shockwave Player

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb10-03.html

Source: CCN
Type: OSVDB ID: 61902
Adobe Shockwave Player Unspecified Block Type Overflow

Source: CCN
Type: OSVDB ID: 61903
Adobe Shockwave Player Unspecified 3D Block Overflow

Source: CCN
Type: OSVDB ID: 61904
Adobe Shockwave Player Crafted 3D Model Memory Corruption Overflow

Source: BUGTRAQ
Type: UNKNOWN
20100120 Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability

Source: BUGTRAQ
Type: UNKNOWN
20100120 Secunia Research: Adobe Shockwave Player Four Integer Overflow Vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20100120 Secunia Research: Adobe Shockwave Player 3D Model Two Integer Overflows

Source: BID
Type: UNKNOWN
37872

Source: CCN
Type: BID-37872
Adobe Shockwave Player Multiple Integer Overflow Vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2010-0171

Source: XF
Type: UNKNOWN
shockwave-shockwave-bo(55759)

Source: XF
Type: UNKNOWN
shockwave-shockwave-bo(55759)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:8538

Vulnerable Configuration:Configuration 1:
  • cpe:/a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:9:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:*:*:*:*:*:*:*:* (Version <= 11.5.2.602)

  • Configuration CCN 1:
  • cpe:/a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:8538
    V
    Adobe Shockwave Player Integer Overflow Vulnerability
    2014-11-10
    BACK
    adobe shockwave player 1.0
    adobe shockwave player 2.0
    adobe shockwave player 3.0
    adobe shockwave player 4.0
    adobe shockwave player 5.0
    adobe shockwave player 6.0
    adobe shockwave player 8.0
    adobe shockwave player 8.5.1
    adobe shockwave player 9
    adobe shockwave player 10.1.0.11
    adobe shockwave player 11.0.0.456
    adobe shockwave player 11.5.0.595
    adobe shockwave player 11.5.0.596
    adobe shockwave player 11.5.1.601
    adobe shockwave player *
    adobe shockwave player 11.5.1.601
    adobe shockwave player 11.5.2.602