Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable5886.PRM
HistoryApr 14, 2011 - 12:00 a.m.

Real Networks RealPlayer < 14.0.3.647 (Build 12.0.1.647) Multiple Vulnerabilities

2011-04-1400:00:00
Tenable
www.tenable.com
6

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.406 Medium

EPSS

Percentile

97.3%

JSON

The remote host is running RealPlayer, a multi-media application.

RealPlayer builds earlier than 12.0.1.647 are potentially affected by multiple code execution vulnerabilities :

  • An error exists in the function ‘OpenURLInDefaultBrowser’ which mishandles certain file types and can allow arbitrary code execution via crafted RealPlayer audio or settings (RNX) files. (CVE-2011-1426)

  • A heap based buffer overflow vulnerability exists and can be exploited when RealPlayer is processing certain Internet Video Recording (IVR) files. (CVE-2011-1525)

Binary data 5886.prm
VendorProductVersionCPE
realnetworksrealplayercpe:/a:realnetworks:realplayer

Related

nessus 1
openvas 4
cvelist 2
zdi 1
securityvulns 2
cve 2
nvd 2
prion 2
nessus
nessus
RealPlayer for Windows < Build 12.0.1.647 Multiple Vulnerabilities
2011-04-14 00:00:00
openvas
openvas
RealNetworks RealPlayer IVR File Processing Buffer Overflow Vulnerability (Windows)
2011-04-11 00:00:00
RealNetworks RealPlayer IVR File Processing Buffer Overflow Vulnerability - Windows
2011-04-11 00:00:00
RealNetworks RealPlayer 'OpenURLInDefaultBrowser()' Code Execution Vulnerability - Windows
2011-04-22 00:00:00
cvelist
cvelist
CVE-2011-1525
2011-04-06 16:00:00
CVE-2011-1426
2011-04-18 18:00:00
zdi
zdi
RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability
2011-04-12 00:00:00
securityvulns
securityvulns
ZDI-11-122: RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability
2011-04-14 00:00:00
RealNetworks RealPlayer code execution
2011-04-14 00:00:00
cve
cve
CVE-2011-1525
2011-04-06 16:55:15
CVE-2011-1426
2011-04-18 18:55:01
nvd
nvd
CVE-2011-1525
2011-04-06 16:55:15
CVE-2011-1426
2011-04-18 18:55:01
prion
prion
Heap overflow
2011-04-06 16:55:00
Open redirect
2011-04-18 18:55:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.406 Medium

EPSS

Percentile

97.3%

JSON
Related for 5886.PRM
nessus1openvas4cvelist2zdi1securityvulns2cve2nvd2prion2