Buffer overflow in Adobe Shockwave_player

CVE-2015-6681

Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680.

Vulnerability class: Buffer Overflow

EPSS: 0.055 (90.4th percentile) — read the EPSS interpretation.

Affected products

Adobe Shockwave_player
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1033486 (vdb-entry, x_refsource_SECTRACK)
psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
GLSA-201509-07 (vendor-advisory, Third Party Advisory, VDB Entry, x_refsource_GENTOO)