Vulnerability Description
Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Shockwave Player | 1.0 |
References
- http://secunia.com/advisories/19009Vendor Advisory
- http://securityreason.com/securityalert/481
- http://securitytracker.com/id?1015673
- http://www.kb.cert.org/vuls/id/437212US Government Resource
- http://www.macromedia.com/devnet/security/security_zone/apsb06-02.html
- http://www.osvdb.org/23461
- http://www.securityfocus.com/archive/1/425900/100/0/threaded
- http://www.securityfocus.com/bid/16791
- http://www.vupen.com/english/advisories/2006/0716
- http://www.zerodayinitiative.com/advisories/ZDI-06-002.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24914
- http://secunia.com/advisories/19009Vendor Advisory
- http://securityreason.com/securityalert/481
- http://securitytracker.com/id?1015673
- http://www.kb.cert.org/vuls/id/437212US Government Resource
FAQ
What is CVE-2005-3525?
CVE-2005-3525 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large valu...
How severe is CVE-2005-3525?
CVE-2005-3525 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3525?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Shockwave Player.