CVE-2010-3653

EXPLOITED IN THE WILD

Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Crafted rcsL Chunk

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2010-3653 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 3 public exploits from researchers including Metasploit, Abysssec, David Kennedy, including a Metasploit module exploits/windows/browser/adobe_shockwave_rcsl_corruption.

AI-analyzed exploit summary This Metasploit module exploits a memory corruption vulnerability in Adobe Shockwave via an undocumented rcsL chunk in Director movies (.DIR). It delivers a payload through a malicious HTML page and embedded Shockwave object, targeting Windows systems.

Description

The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16594

This Metasploit module exploits a memory corruption vulnerability in Adobe Shockwave via an undocumented rcsL chunk in Director movies (.DIR). It delivers a payload through a malicious HTML page and embedded Shockwave object, targeting Windows systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Adobe Shockwave Player (tested on versions up to 11.5.0.593)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Adobe Shockwave Player installed on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Abysssec · textremotewindows
https://www.exploit-db.com/exploits/15296

This is a detailed advisory and analysis of a memory corruption vulnerability in Adobe Shockwave Player (CVE-2010-3653), focusing on the rcsL chunk handling. It includes disassembly and technical explanation but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Complex
Reliability
Theoretical
Target: Adobe Shockwave Player 11.5.8.612
No auth needed
Prerequisites: Victim must open a maliciously crafted DIR/DCR file
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by David Kennedy · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/adobe_shockwave_rcsl_corruption.rb

This Metasploit module exploits a memory corruption vulnerability in Adobe Shockwave via an undocumented rcsL chunk in Director movies (.DIR). It delivers a malicious .DIR file and uses heap spraying to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Adobe Shockwave Player (versions up to 11.5.0.593)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Adobe Shockwave Player must be installed and vulnerable
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/62688
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15296
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/402231
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/44291
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024635
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2752

Scores

EPSS 0.7778
EPSS Percentile 99.0%

Details

VulnCheck KEV 2010-10-21
InTheWild.io 2017-09-19
CWE
CWE-119
Status published
Products (40)
adobe/shockwave_player 1.0
adobe/shockwave_player 2.0
adobe/shockwave_player 3.0
adobe/shockwave_player 4.0
adobe/shockwave_player 5.0
adobe/shockwave_player 6.0
adobe/shockwave_player 8.0
adobe/shockwave_player 8.0.196
adobe/shockwave_player 8.0.196a
adobe/shockwave_player 8.0.204
... and 30 more
Published Oct 26, 2010
Tracked Since Feb 18, 2026