CVE-2010-4195

Name: CVE-2010-4195
Creator: NVD / NIST
Published: 2011-02-10T16:00:13.177+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.56%

Last modified Jun 16, 2026

CVE-2010-4195 is a vulnerability of currently unknown severity. The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.. EPSS estimates a 5.56% chance of exploitation in the next 30 days.

Description

The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

Metrics

EPSS Probability

5.56%

91.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Adobe	Shockwave Player	<= 11.5.9.615
Adobe	Shockwave Player	1.0
Adobe	Shockwave Player	2.0
Adobe	Shockwave Player	3.0
Adobe	Shockwave Player	4.0
Adobe	Shockwave Player	5.0
Adobe	Shockwave Player	6.0
Adobe	Shockwave Player	8.0
Adobe	Shockwave Player	8.0.196
Adobe	Shockwave Player	8.0.196a
Adobe	Shockwave Player	8.0.204
Adobe	Shockwave Player	8.0.205
Adobe	Shockwave Player	8.5.1
Adobe	Shockwave Player	8.5.1.100
Adobe	Shockwave Player	8.5.1.103
Adobe	Shockwave Player	8.5.1.105
Adobe	Shockwave Player	8.5.1.106
Adobe	Shockwave Player	8.5.321
Adobe	Shockwave Player	8.5.323
Adobe	Shockwave Player	8.5.324
Adobe	Shockwave Player	8.5.325
Adobe	Shockwave Player	9
Adobe	Shockwave Player	9.0.383
Adobe	Shockwave Player	9.0.432
Adobe	Shockwave Player	10.0.0.210
Adobe	Shockwave Player	10.0.1.004
Adobe	Shockwave Player	10.1.0.11
Adobe	Shockwave Player	10.1.0.011
Adobe	Shockwave Player	10.1.1.016
Adobe	Shockwave Player	10.1.4.020
Adobe	Shockwave Player	10.2.0.021
Adobe	Shockwave Player	10.2.0.022
Adobe	Shockwave Player	10.2.0.023
Adobe	Shockwave Player	11.0.0.456
Adobe	Shockwave Player	11.0.3.471
Adobe	Shockwave Player	11.5.0.595
Adobe	Shockwave Player	11.5.0.596
Adobe	Shockwave Player	11.5.1.601
Adobe	Shockwave Player	11.5.2.602
Adobe	Shockwave Player	11.5.6.606
Adobe	Shockwave Player	11.5.7.609
Adobe	Shockwave Player	11.5.8.612

References

http://www.adobe.com/support/security/bulletins/apsb11-01.htmlPatch, Vendor Advisory
http://www.kb.cert.org/vuls/id/189929US Government Resource
http://www.securityfocus.com/bid/46336
http://www.securitytracker.com/id?1025056
http://www.vupen.com/english/advisories/2011/0335Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb11-01.htmlPatch, Vendor Advisory
http://www.kb.cert.org/vuls/id/189929US Government Resource
http://www.securityfocus.com/bid/46336
http://www.securitytracker.com/id?1025056
http://www.vupen.com/english/advisories/2011/0335Vendor Advisory

Timeline

Published: Feb 10, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-4195?

The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

How severe is CVE-2010-4195?

Severity scoring for CVE-2010-4195 is pending analysis. The EPSS model estimates a 5.56% probability of exploitation in the next 30 days.

How do I fix CVE-2010-4195?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-4195?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST