9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.944 High
EPSS
Percentile
99.2%
The remote host is running an application that is vulnerable to multiple attack vectors.
The remote host is running RealPlayer, a multi-media application.
RealPlayer builds earlier than 12.0.1.666 are potentially affected by multiple code execution vulnerabilities :
A heap based buffer overflow vulnerability exits within qcpfformat.dll file, which only creates a static 256 byte allocation on the heap. This can be abused by a remote attacker to execute arbitrary code running in the context of the web browser. (CVE-2011-2950)
A flaw exists due to RealPlayer allowing users to run local HTML files with scripting enabled without any warning. Attackers can exploit this issue to execute arbitrary code within the context of the application(typically Internet Explorer) that uses the ActiveX control. (CVE-2011-2947)
A memory-corruption vulnerability exist due to an use-after-free condition that affects “Embedded AutoUpdate.” Successful exploit will allow remote attackers to execute arbitrary code within the context of the affected application. (CVE-2011-2954)
A remote buffer-overflow vulnerability exists due to the software failing to perform adequate boundary-checks on user-supplied data. Successful exploit allow attackers to execute arbitrary code in the context of the vulnerable applications. (CVE-2011-2951)
A remote code-execution vulnerability exists when handling ‘DEFINEFONT’ fields in Flash files. Successful exploit will allow remote attackers to execute arbitrary code within the context of the affected application. (CVE-2011-2948)
A remote code-execution vulnerability exist in the way the application uses ‘WideCharToMultiByte’ call, resulting in a heap-based buffer overflow. Successful exploit will allow remote attackers to execute arbitrary code within the context of the affected application. (CVE-2011-2949)
A memory-corruption vulnerability exists due to an use-after-free condition, particularly affects the dialogue box. Successful exploit will allow remote attackers to execute arbitrary code within the context of the affected application. (CVE-2011-2952)
\ - A memory-corruption vulnerability exists due to an use-after-free condition, particularly affects the Embedded Modal Dialog. Successful exploit will allow remote attackers to execute arbitrary code within the context of the affected application. (CVE-2011-2955)
Binary data 6455.prm
Vendor | Product | Version | CPE |
---|---|---|---|
realnetworks | realplayer | cpe:/a:realnetworks:realplayer |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2949
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2951
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2955
service.real.com/realplayer/security/08162011_player/en
www.zerodayinitiative.com/advisories/ZDI-11-265
www.zerodayinitiative.com/advisories/ZDI-11-266
www.zerodayinitiative.com/advisories/ZDI-11-267
www.zerodayinitiative.com/advisories/ZDI-11-268
www.zerodayinitiative.com/advisories/ZDI-11-269