The remote host is running RealPlayer, a multi-media application.
RealPlayer builds earlier than 12.0.1.609 are potentially affected by vulnerabilities :
An uncontrolled array index vulnerability exists in RealMedia media properties. (CVE-2010-4384)
A heap overflow vulnerability exists in multi-rate audio handling. (CVE-2010-4375)
A heap corruption vulnerability exists in the SMIL file format StreamTitle. (CVE-2010-2997)
An integer overflow exists in AAC MLLT Atom parsing. (CVE-2010-2999)
An integer overflow exists in AAC TIT2 Atom parsing. (CVE-2010-4397)
A heap overflow vulnerability exists in RTSP GIF parsing. (CVE-2010-4376)
A heap corruption vulnerability exist in the Cook Audio Codec. (CVE-2010-4377)
A heap corruption vulnerability exists in RV20 parsing. (CVE-2010-4378)
An error exists in the Cook codec initialization function. (CVE-2010-0121)
A memory access vulnerability exists in the Cook codec relating to an uninitialized number of channels. (CVE-2010-2579)
An unspecified vulnerability exists in AAC spectral data parsing. (CVE-2010-0125)
A heap overflow vulnerability exists in SIPR. (CVE-2010-4379)
A heap overflow exists in SOUND. (CVE-2010-4380)
A heap overflow exists in AAC. (CVE-2010-4381)
Multiple heap overflow vulnerabilities in RealMedia. (CVE-2010-4382)
A heap overflow vulnerability in RA5. (CVE-2010-4383)
An integer overflow in SIPR stream frame dimensions. (CVE-2010-4385)
RealMedia Memory heap corruption. (CVE-2010-4386)
A memory corruption vulnerability in the RealAudio codec. (CVE-2010-4387)
A cross-zone scripting vulnerability in the ActiveX HandleAction Method. (CVE-2010-4396)
A cross domain scripting vulnerability is exploitable via local HTML files. (CVE-2010-4388)
A heap overflow vulnerability exists in the Cook codec initialization buffer index.(CVE-2010-4389)
A heap overflow vulnerability exists in the IVR file header. (CVE-2010-4390)
A heap overflow vulnerability exists in the RMX header. (CVE-2010-4391)
A heap overflow vulnerability exists in ImageMap. (CVE-2010-4392)
A heap overflow vulnerability exists in RealPix server header. (CVE-2010-4394)
A heap overflow exists in the Advanced audio coding. (CVE-2010-4395)
Binary data 5709.prm
Vendor | Product | Version | CPE |
---|---|---|---|
realnetworks | realplayer | cpe:/a:realnetworks:realplayer |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2999
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4380
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4381
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4382
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4383
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4384
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4385
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4386
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4388
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4390
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4391
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4392
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4394
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4395
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4396
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4397
labs.idefense.com/intelligence/vulnerabilities/display.php?id=883
labs.idefense.com/intelligence/vulnerabilities/display.php?id=884
service.real.com/realplayer/security/12102010_player/en
www.zerodayinitiative.com/advisories/ZDI-10-266
www.zerodayinitiative.com/advisories/ZDI-10-267
www.zerodayinitiative.com/advisories/ZDI-10-268
www.zerodayinitiative.com/advisories/ZDI-10-269
www.zerodayinitiative.com/advisories/ZDI-10-270
www.zerodayinitiative.com/advisories/ZDI-10-271
www.zerodayinitiative.com/advisories/ZDI-10-272
www.zerodayinitiative.com/advisories/ZDI-10-273
www.zerodayinitiative.com/advisories/ZDI-10-274
www.zerodayinitiative.com/advisories/ZDI-10-275
www.zerodayinitiative.com/advisories/ZDI-10-276
www.zerodayinitiative.com/advisories/ZDI-10-277
www.zerodayinitiative.com/advisories/ZDI-10-278
www.zerodayinitiative.com/advisories/ZDI-10-279
www.zerodayinitiative.com/advisories/ZDI-10-280
www.zerodayinitiative.com/advisories/ZDI-10-281
www.zerodayinitiative.com/advisories/ZDI-10-282