CVE-2005-3525: Buffer Overflow
First published: Sat Dec 31 2005(Updated: )
Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Shockwave Player | =5.0 | |
| Adobe Shockwave Player | =4.0 | |
| Adobe Shockwave Player | =8.5.1 | |
| Adobe Shockwave Player | =6.0 | |
| Adobe Shockwave Player | =10.1.0.11 | |
| Adobe Shockwave Player | =1.0 | |
| Adobe Shockwave Player | =2.0 | |
| Adobe Shockwave Player | =8.0 | |
| Adobe Shockwave Player | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.zerodayinitiative.com/advisories/ZDI-06-002.html
- http://www.macromedia.com/devnet/security/security_zone/apsb06-02.html
- http://www.securityfocus.com/bid/16791
- http://securitytracker.com/id?1015673
- http://secunia.com/advisories/19009
- http://www.kb.cert.org/vuls/id/437212
- http://www.osvdb.org/23461
- http://securityreason.com/securityalert/481
- http://www.vupen.com/english/advisories/2006/0716
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24914
- http://www.securityfocus.com/archive/1/425900/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2005-3525?
CVE-2005-3525 is considered to have a high severity due to its ability to allow remote attackers to execute arbitrary code.
How do I fix CVE-2005-3525?
To fix CVE-2005-3525, you should update your Adobe Shockwave Player to the latest version available, ensuring that all vulnerabilities are patched.
What are the affected versions of Adobe Shockwave Player for CVE-2005-3525?
CVE-2005-3525 affects Adobe Shockwave Player versions 1.0 through 10.1.0.11.
What type of vulnerability is identified in CVE-2005-3525?
CVE-2005-3525 is a stack-based buffer overflow vulnerability.
Can CVE-2005-3525 be exploited through the internet?
Yes, CVE-2005-3525 can be exploited remotely through the internet by attackers using crafted parameters.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/adobe
- canonical/adobe shockwave player
- version/adobe shockwave player/5.0
- version/adobe shockwave player/4.0
- version/adobe shockwave player/8.5.1
- version/adobe shockwave player/6.0
- version/adobe shockwave player/10.1.0.11
- version/adobe shockwave player/1.0
- version/adobe shockwave player/2.0
- version/adobe shockwave player/8.0
- version/adobe shockwave player/3.0