CVE-2007-1403

Macromedia Shockwave - Buffer Overflow

Title source: rule

Description

Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmldoswindows

https://www.exploit-db.com/exploits/3421

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://osvdb.org/36005

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/22842

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3421

Scores

EPSS 0.5577

EPSS Percentile 98.1%

Details

Status published

Products (1)

macromedia/shockwave 10.1.4.20

Published Mar 10, 2007

Tracked Since Feb 18, 2026