Vulnerability Description
The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Shockwave Player | <= 11.5.9.615 |
Related Weaknesses (CWE)
References
- http://www.adobe.com/support/security/bulletins/apsb11-01.htmlPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/189929US Government Resource
- http://www.securityfocus.com/bid/46338
- http://www.securitytracker.com/id?1025056
- http://www.vupen.com/english/advisories/2011/0335Vendor Advisory
- http://www.adobe.com/support/security/bulletins/apsb11-01.htmlPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/189929US Government Resource
- http://www.securityfocus.com/bid/46338
- http://www.securitytracker.com/id?1025056
- http://www.vupen.com/english/advisories/2011/0335Vendor Advisory
FAQ
What is CVE-2010-4196?
CVE-2010-4196 is a vulnerability with a CVSS score of 9.3 (HIGH). The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.
How severe is CVE-2010-4196?
CVE-2010-4196 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4196?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Shockwave Player.