CVE-2011-2118

Adobe Shockwave Player <11.6.0.626 - RCE

Title source: llm
STIX 2.1

Description

The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb11-17.html
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA11-166A.html

Scores

EPSS 0.0455
EPSS Percentile 90.5%

Details

CWE
CWE-20
Status published
Products (43)
adobe/shockwave_player 1.0
adobe/shockwave_player 2.0
adobe/shockwave_player 3.0
adobe/shockwave_player 4.0
adobe/shockwave_player 5.0
adobe/shockwave_player 6.0
adobe/shockwave_player 8.0
adobe/shockwave_player 8.0.196
adobe/shockwave_player 8.0.196a
adobe/shockwave_player 8.0.204
... and 33 more
Published Jun 16, 2011
Tracked Since Feb 18, 2026