Kaspersky LabKLA10310KLA10310 ACE vulnerability in RealNetworks
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.968 High
EPSS
Percentile
99.7%
Detect date:
03/23/2006
Severity:
Critical
Description:
A buffer overflow was found in RealNetworks products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed SWF file.
Affected products:
RealPlayer for Windows 10.5 versions from 6.0.12.1040 to 6.0.12.1348
RealPlayer for Windows 10 all versions
RealOne Player for Windows v2 & v1 all versions
Rhapsody for Windows 3 versions from 0.815 to 1.0.269
RealPlayer for Mac OS 10 versions from 10.0.0.305 to 10.0.0.331
RealOne Player for Mac OS all versions
RealPlayer for Linux versions from 10.0.0.0 to 10.0.0.6
Helix Player for Linux versions from 10.0.0.0 to 10.0.0.5
Solution:
Update to latest version
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2006-03239.3Critical
References
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.968 High
EPSS
Percentile
99.7%