Lucene search

[email protected]CVE-2004-0387

HistoryJun 01, 2004 - 4:00 a.m.

CVE-2004-0387

2004-06-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0387

stack-based buffer overflow

rt3 plugin

realplayer

realone player

remote code execution

nvd

8.2 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.337 Low

EPSS

Percentile

97.1%

JSON

Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.

CPENameOperatorVersion
realnetworks:realone_playerrealnetworks realone playereq10_beta
realnetworks:realone_playerrealnetworks realone playereq*
realnetworks:realplayerrealnetworks realplayereq8.0

CPE	Name	Operator	Version
realnetworks:realone_player	realnetworks realone player	eq	10_beta
realnetworks:realone_player	realnetworks realone player	eq	*
realnetworks:realplayer	realnetworks realplayer	eq	8.0

References

archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html

marc.info/?l=bugtraq&m=108135350810135&w=2

secunia.com/advisories/11314

www.ngssoftware.com/advisories/realr3t.txt

www.osvdb.org/displayvuln.php?osvdb_id=4977

www.securityfocus.com/bid/10070

www.service.real.com/help/faq/security/040406_r3t/en/

exchange.xforce.ibmcloud.com/vulnerabilities/15774

8.2 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.337 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2004-0387

cvelist1 nessus1 redhat1