Buffer overflow in Adobe Shockwave_player

CVE-2014-0505

Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Vulnerability class: Buffer Overflow

EPSS: 0.175 (95.2th percentile) — read the EPSS interpretation.

Affected products

Adobe Shockwave_player — versions 12.0.0.112, 12.0.2.122, 12.0.3.133
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@adobe.com (x_refsource_CONFIRM, Vendor Advisory)