What is the severity of CVE-2009-3244?

CVE-2009-3244 has a high severity rating as it can lead to denial of service and the potential execution of arbitrary code.

How do I fix CVE-2009-3244?

To fix CVE-2009-3244, upgrade the Adobe Shockwave Player to a version later than 11.5.1.601.

What products are affected by CVE-2009-3244?

CVE-2009-3244 affects Adobe Shockwave Player versions up to and including 11.5.1.601.

What kind of attack can exploit CVE-2009-3244?

CVE-2009-3244 can be exploited by attackers to cause a buffer overflow via a specially crafted PlayerVersion property value.

Is there a workaround for CVE-2009-3244?

There is no official workaround for CVE-2009-3244; updating to the latest version is the recommended approach.

Vulnerability/
CVE-2009-3244

critical

9.3

CWE

119

18/9/2009

7/8/2024

CVE-2009-3244: Buffer Overflow

First published: Fri Sep 18 2009(Updated: )

Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Adobe Shockwave Player	=8.5.324
Adobe Shockwave Player	=5.0
Adobe Shockwave Player	=4.0
Adobe Shockwave Player	=8.5.1
Adobe Shockwave Player	=10.1.4.020
Adobe Shockwave Player	=11.0.0.456
Adobe Shockwave Player	=6.0
Adobe Shockwave Player	=8.0.204
Adobe Shockwave Player	=8.0.196
Adobe Shockwave Player	=8.5.1.105
Adobe Shockwave Player	=10.2.0.023
Adobe Shockwave Player	=10.1.0.11
Adobe Shockwave Player	=11.5.0.596
Adobe Shockwave Player	=9.0.383
Adobe Shockwave Player	=1.0
Adobe Shockwave Player	<=11.5.1.601
Adobe Shockwave Player	=11.0.3.471
Adobe Shockwave Player	=10.2.0.022
Adobe Shockwave Player	=8.0.205
Adobe Shockwave Player	=8.5.1.106
Adobe Shockwave Player	=11.5.8.612
Adobe Shockwave Player	=8.5.321
Adobe Shockwave Player	=11.5.2.602
Adobe Shockwave Player	=8.5.1.100
Adobe Shockwave Player	=2.0
Adobe Shockwave Player	=10.1.1.016
Adobe Shockwave Player	=8.0
Adobe Shockwave Player	=10.0.0.210
Adobe Shockwave Player	=10.0.1.004
Adobe Shockwave Player	=10.2.0.021
Adobe Shockwave Player	=11.5.6.606
Adobe Shockwave Player	=11.5.7.609
Adobe Shockwave Player	=3.0
Adobe Shockwave Player	=8.0.196a
Adobe Shockwave Player	=10.1.0.011
Adobe Shockwave Player	=9.0.432
Adobe Shockwave Player	=8.5.1.103
Adobe Shockwave Player	=8.5.323
Adobe Shockwave Player	=8.5.325
Adobe Shockwave Player	=11.5.0.595
Adobe Shockwave Player	=9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3244?
CVE-2009-3244 has a high severity rating as it can lead to denial of service and the potential execution of arbitrary code.
How do I fix CVE-2009-3244?
To fix CVE-2009-3244, upgrade the Adobe Shockwave Player to a version later than 11.5.1.601.
What products are affected by CVE-2009-3244?
CVE-2009-3244 affects Adobe Shockwave Player versions up to and including 11.5.1.601.
What kind of attack can exploit CVE-2009-3244?
CVE-2009-3244 can be exploited by attackers to cause a buffer overflow via a specially crafted PlayerVersion property value.
Is there a workaround for CVE-2009-3244?
There is no official workaround for CVE-2009-3244; updating to the latest version is the recommended approach.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/tags
agent/last-modified-date
agent/severity
agent/weakness
agent/author
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/adobe
canonical/adobe shockwave player
version/adobe shockwave player/8.5.324
version/adobe shockwave player/5.0
version/adobe shockwave player/4.0
version/adobe shockwave player/8.5.1
version/adobe shockwave player/10.1.4.020
version/adobe shockwave player/11.0.0.456
version/adobe shockwave player/6.0
version/adobe shockwave player/8.0.204
version/adobe shockwave player/8.0.196
version/adobe shockwave player/8.5.1.105
version/adobe shockwave player/10.2.0.023
version/adobe shockwave player/10.1.0.11
version/adobe shockwave player/11.5.0.596
version/adobe shockwave player/9.0.383
version/adobe shockwave player/1.0
version/adobe shockwave player/11.5.1.601
version/adobe shockwave player/11.0.3.471
version/adobe shockwave player/10.2.0.022
version/adobe shockwave player/8.0.205
version/adobe shockwave player/8.5.1.106
version/adobe shockwave player/11.5.8.612
version/adobe shockwave player/8.5.321
version/adobe shockwave player/11.5.2.602
version/adobe shockwave player/8.5.1.100
version/adobe shockwave player/2.0
version/adobe shockwave player/10.1.1.016
version/adobe shockwave player/8.0
version/adobe shockwave player/10.0.0.210
version/adobe shockwave player/10.0.1.004
version/adobe shockwave player/10.2.0.021
version/adobe shockwave player/11.5.6.606
version/adobe shockwave player/11.5.7.609
version/adobe shockwave player/3.0
version/adobe shockwave player/8.0.196a
version/adobe shockwave player/10.1.0.011
version/adobe shockwave player/9.0.432
version/adobe shockwave player/8.5.1.103
version/adobe shockwave player/8.5.323
version/adobe shockwave player/8.5.325
version/adobe shockwave player/11.5.0.595
version/adobe shockwave player/9