This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Windows host contains a web browser plugin that is
affected by multiple vulnerabilities.
The remote Windows host contains a version of Adobe's Shockwave Player
that is earlier than 184.108.40.2069. Such versions are affected by the
following issues :
- Processing specially crafted FFFFFF45h Shockwave
3D blocks can result in memory corruption.
- A signedness error that can lead to memory corruption
when processing specially crafted Director files.
- An array indexing error that can lead to memory
corruption when processing specially crafted
Director files. (CVE-2010-0129)
- An integer overflow vulnerability that can lead to
memory corruption when processing specially
crafted Director files. (CVE-2010-0130)
- An unspecified error when processing asset entries
in Director files can lead to memory corruption.
- A boundary error when processing embedded fonts
from a Directory file can lead to memory corruption.
- An unspecified error when processing Director files
can result in memory corruption. (CVE-2010-1280)
- Several unspecified memory corruption vulnerabilities.
(CVE-2010-1281, CVE-2010-1282, CVE-2010-1284,
CVE-2010-1286, CVE-2010-1287, CVE-2010-1288,
CVE-2010-1289, CVE-2010-1290, CVE-2010-1291,
See also :
Upgrade to Adobe Shockwave 220.127.116.119 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Nessus Plugin ID: 46329 ()
CVE ID: CVE-2010-0127
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now