Lucene search

MitreCVE-2010-4385

HistoryDec 14, 2010 - 4:00 p.m.

CVE-2010-4385

2010-12-1416:00:04

CWE-189

mitre

web.nvd.nist.gov

cve-2010-4385

realnetworks

realplayer

integer overflow

sipr

remote attackers

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR stream.

Affected configurations

Nvd

Node

realnetworksrealplayerMatch11.0

realnetworksrealplayerMatch11.0.1

realnetworksrealplayerMatch11.0.2

realnetworksrealplayerMatch11.0.3

realnetworksrealplayerMatch11.0.4

realnetworksrealplayerMatch11.0.5

realnetworksrealplayerMatch11.1

Node

realnetworksrealplayer_spMatch1.0.0

realnetworksrealplayer_spMatch1.0.1

realnetworksrealplayer_spMatch1.0.2

realnetworksrealplayer_spMatch1.0.5

realnetworksrealplayer_spMatch1.1

realnetworksrealplayer_spMatch1.1.1

realnetworksrealplayer_spMatch1.1.2

realnetworksrealplayer_spMatch1.1.3

realnetworksrealplayer_spMatch1.1.4

Node

realnetworksrealplayerMatch11.0.2.1744

AND

linuxlinux_kernel

Node

realnetworksrealplayerMatch2.1.2enterprise

VendorProductVersionCPE
realnetworksrealplayer11.0cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
realnetworksrealplayer11.0.1cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
realnetworksrealplayer11.0.2cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
realnetworksrealplayer11.0.3cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
realnetworksrealplayer11.0.4cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
realnetworksrealplayer11.0.5cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
realnetworksrealplayer11.1cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.0cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.1cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.2cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
realnetworks	realplayer	11.0	cpe:2.3:a:realnetworks:realplayer:11.0:::::::*
realnetworks	realplayer	11.0.1	cpe:2.3:a:realnetworks:realplayer:11.0.1:::::::*
realnetworks	realplayer	11.0.2	cpe:2.3:a:realnetworks:realplayer:11.0.2:::::::*
realnetworks	realplayer	11.0.3	cpe:2.3:a:realnetworks:realplayer:11.0.3:::::::*
realnetworks	realplayer	11.0.4	cpe:2.3:a:realnetworks:realplayer:11.0.4:::::::*
realnetworks	realplayer	11.0.5	cpe:2.3:a:realnetworks:realplayer:11.0.5:::::::*
realnetworks	realplayer	11.1	cpe:2.3:a:realnetworks:realplayer:11.1:::::::*
realnetworks	realplayer_sp	1.0.0	cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:::::::*
realnetworks	realplayer_sp	1.0.1	cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:::::::*
realnetworks	realplayer_sp	1.0.2	cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:::::::*