Lucene search

[email protected]CVE-2010-4384

HistoryDec 14, 2010 - 4:00 p.m.

CVE-2010-4384

2010-12-1416:00:04

CWE-20

[email protected]

web.nvd.nist.gov

cve-2010-4384

array index error

realnetworks realplayer

remote code execution

media properties header

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.156 Low

EPSS

Percentile

96.0%

JSON

Array index error in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via a malformed Media Properties Header (aka MDPR) in a RealMedia file.

Affected configurations

NVD

Node

realnetworksrealplayerMatch11.0

realnetworksrealplayerMatch11.0.1

realnetworksrealplayerMatch11.0.2

realnetworksrealplayerMatch11.0.3

realnetworksrealplayerMatch11.0.4

realnetworksrealplayerMatch11.0.5

realnetworksrealplayerMatch11.1

Node

realnetworksrealplayerMatch11.0

realnetworksrealplayerMatch11.0.1

realnetworksrealplayerMatch11.0.2

realnetworksrealplayerMatch11.0.3

realnetworksrealplayerMatch11.0.4

realnetworksrealplayerMatch11.0.5

realnetworksrealplayerMatch11.1

AND

applemac_os_x

Node

realnetworksrealplayerMatch11.0.2.1744

AND

linuxlinux_kernel

Node

realnetworksrealplayerMatch2.1.2enterprise

CPENameOperatorVersion
realnetworks:realplayerrealnetworks realplayereq11.0
realnetworks:realplayerrealnetworks realplayereq11.0.1
realnetworks:realplayerrealnetworks realplayereq11.0.2
realnetworks:realplayerrealnetworks realplayereq11.0.3
realnetworks:realplayerrealnetworks realplayereq11.0.4
realnetworks:realplayerrealnetworks realplayereq11.0.5
realnetworks:realplayerrealnetworks realplayereq11.1

CPE	Name	Operator	Version
realnetworks:realplayer	realnetworks realplayer	eq	11.0
realnetworks:realplayer	realnetworks realplayer	eq	11.0.1
realnetworks:realplayer	realnetworks realplayer	eq	11.0.2
realnetworks:realplayer	realnetworks realplayer	eq	11.0.3
realnetworks:realplayer	realnetworks realplayer	eq	11.0.4
realnetworks:realplayer	realnetworks realplayer	eq	11.0.5
realnetworks:realplayer	realnetworks realplayer	eq	11.1