Adobe Shockwave Player Multiple Vulnerabilities

Last Update Date: 16 Jun 2011 15:47

Release Date: 16 Jun 2011

RISK: High Risk

TYPE: Clients - Audio & Video

Multiple vulnerabilities have been identified in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

  1. Unspecified errors in dirapi.dll and IML32.dll, an input validation error in dirapi.dll, an integer underflow error in IML32.dll, missing input validation within the parsing of certain structures in rcsL chunks, and an input validation error when parsing DEMX chunks can be exploited to corrupt memory.
  2. A logic error when attempting to allocate memory for DEMX data using overly large sizes may result in memory not being allocated as expected and can be exploited to corrupt memory.
  3. Integer overflow errors in dirapi.dll, in a function used to create a structure for storing DEMX data, in IML32.dll, TextXtra.x32, the Shockwave3DAsset component, the CursorAsset x32 component and AudioMixer.x32, and when allocating memory for substructures within xtcL chunks can be exploited to cause heap-based buffer overflows.
  4. An error in dirapi.dll when parsing rcsL chunks, and an error when allocating buffers based on sizes obtained from KEY* chunks, can be exploited to cause a heap-based buffer overflow.
  5. A logic error when attempting to reallocate memory based on DEMX data may result in memory not being reallocated as expected and can be exploited to cause heap-based buffer overflows.
  6. A logic error in dirapi.dll when parsing substructures within rcsL chunks can be exploited to trigger misallocation of buffers and cause heap-based buffer overflows.
  7. A boundary error in "Font Asset.x32" when parsing font-related structures can be exploited to cause stack-based buffer overflows.
  8. Integer overflow errors in a function used to calculate how much space is required for storing a specified amount of DEMX data of a specified type can be exploited to cause buffer overflows.
  9. Missing input validation in TextXtra.x32, an error in dirapi.dll and an unspecified error can be exploited to cause buffer overflows.
  10. A logic error in dirapi.dll when an xtcL chunk is not present as expected results in use of uninitialised memory.
  11. An unspecified design flaw exists in an unspecified component.
  12. Multiple unspecified errors exist in IML32.dll.
  13. An error when extracting strings from embedded media objects can be exploited to write a NULL byte to an arbitrary memory location.
  14. An input validation error exists in the FLV ASSET Xtra component.
  15. An integer overflow error exists in the Shockwave 3D Asset x32 component.
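
Items 3 and 8 describe the same bug class: a size computed from a file-supplied count and a per-type element size wraps around, so the allocation is smaller than the data later written into it. The C sketch below is an added illustration, not Adobe's code; the record types, element sizes, header size and size cap are assumptions, since the advisory does not give the DEMX layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical record types and sizes (assumed for illustration). */
enum rec_type { REC_BYTE = 0, REC_PAIR = 1, REC_ENTRY = 2 };
static const uint32_t REC_SIZE[] = { 1, 8, 24 };
#define HEADER_SIZE 16u
#define MAX_CHUNK_BYTES (64u * 1024u * 1024u) /* assumed sanity cap */

/* Unchecked pattern: 32-bit arithmetic wraps silently, so a large
 * count yields a small "required" size and an undersized buffer. */
uint32_t space_needed_unchecked(uint32_t count, enum rec_type t)
{
    return HEADER_SIZE + count * REC_SIZE[t];
}

/* Checked form: returns 0 and stores the size in *out, or returns -1
 * if the type is unknown, the arithmetic would overflow, or the
 * result exceeds the cap. */
int space_needed_checked(uint32_t count, uint32_t type, uint32_t *out)
{
    if (type >= sizeof REC_SIZE / sizeof REC_SIZE[0])
        return -1;
    uint32_t elem = REC_SIZE[type];
    if (count > (UINT32_MAX - HEADER_SIZE) / elem)
        return -1;                     /* multiplication or add would wrap */
    uint32_t total = HEADER_SIZE + count * elem;
    if (total > MAX_CHUNK_BYTES)
        return -1;                     /* implausibly large for one chunk */
    *out = total;
    return 0;
}

/* Allocation driven by a file-supplied count; NULL means reject the file. */
void *alloc_records(uint32_t count, uint32_t type, uint32_t *size_out)
{
    uint32_t n;
    if (space_needed_checked(count, type, &n) != 0)
        return NULL;
    *size_out = n;
    return calloc(1, n);
}
```

With a count of 0x0AAAAAAB and the 24-byte record type, the unchecked function reports 24 bytes, while the checked one rejects the input.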