Strix
26.1K

CVE-2011-0555

UnknownEPSS 4.96%

Last modified

CVE-2011-0555 is a vulnerability of currently unknown severity. The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.. EPSS estimates a 4.96% chance of exploitation in the next 30 days.

Description

The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.

Metrics

EPSS Probability
4.96%

91.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeShockwave Player<= 11.5.9.615
AdobeShockwave Player1.0
AdobeShockwave Player2.0
AdobeShockwave Player3.0
AdobeShockwave Player4.0
AdobeShockwave Player5.0
AdobeShockwave Player6.0
AdobeShockwave Player8.0
AdobeShockwave Player8.0.196
AdobeShockwave Player8.0.196a
AdobeShockwave Player8.0.204
AdobeShockwave Player8.0.205
AdobeShockwave Player8.5.1
AdobeShockwave Player8.5.1.100
AdobeShockwave Player8.5.1.103
AdobeShockwave Player8.5.1.105
AdobeShockwave Player8.5.1.106
AdobeShockwave Player8.5.321
AdobeShockwave Player8.5.323
AdobeShockwave Player8.5.324
AdobeShockwave Player8.5.325
AdobeShockwave Player9
AdobeShockwave Player9.0.383
AdobeShockwave Player9.0.432
AdobeShockwave Player10.0.0.210
AdobeShockwave Player10.0.1.004
AdobeShockwave Player10.1.0.11
AdobeShockwave Player10.1.0.011
AdobeShockwave Player10.1.1.016
AdobeShockwave Player10.1.4.020
AdobeShockwave Player10.2.0.021
AdobeShockwave Player10.2.0.022
AdobeShockwave Player10.2.0.023
AdobeShockwave Player11.0.0.456
AdobeShockwave Player11.0.3.471
AdobeShockwave Player11.5.0.595
AdobeShockwave Player11.5.0.596
AdobeShockwave Player11.5.1.601
AdobeShockwave Player11.5.2.602
AdobeShockwave Player11.5.6.606
AdobeShockwave Player11.5.7.609
AdobeShockwave Player11.5.8.612

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-0555?
The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.
How severe is CVE-2011-0555?
Severity scoring for CVE-2011-0555 is pending analysis. The EPSS model estimates a 4.96% probability of exploitation in the next 30 days.
How do I fix CVE-2011-0555?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-0555?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST