Lucene search

[email protected]CVE-2008-0098

HistoryJan 08, 2008 - 2:46 a.m.

CVE-2008-0098

2008-01-0802:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0098

buffer overflow

realplayer

remote code execution

vulnerability

security issue

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.281 Low

EPSS

Percentile

96.9%

JSON

Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Affected configurations

NVD

Node

realnetworksrealplayerMatch11_build_6.0.14.748

CPENameOperatorVersion
realnetworks:realplayerrealnetworks realplayereq11_build_6.0.14.748

CPE	Name	Operator	Version
realnetworks:realplayer	realnetworks realplayer	eq	11_build_6.0.14.748

References

gleg.net/realplayer11.html

lists.immunitysec.com/pipermail/dailydave/2008-January/004811.html

secunia.com/advisories/28276

www.securityfocus.com/bid/27091

www.securitytracker.com/id?1019153

www.us-cert.gov/current/index.html#public_exploit_code_for_realplayer

www.vupen.com/english/advisories/2008/0016

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.281 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2008-0098

ubuntucve1 nvd1 prion1 cvelist1