Lucene search

Tenable6488.PRM

HistoryMay 17, 2012 - 12:00 a.m.

Real Networks RealPlayer < 15.0.4.53 Multiple Vulnerabilities

2012-05-1700:00:00

Tenable

www.tenable.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.08 Low

EPSS

Percentile

94.3%

JSON

The remote host is running RealPlayer, a multi-media application.

RealPlayer builds earlier than 15.0.4.53 are potentially affected by multiple vulnerabilities :

A memory corruption error exists related to the handling of ‘MP4’ files. (CVE-2012-1904)
An unspecified error exists related to the parsing of ‘RealMedia ASMRuleBook’ files that can lead to remote arbitrary code execution. (CVE-2012-2406)
A buffer overflow exists related to the parsing of ‘RealJukebox Media’ content. (CVE-2012-2411)

Binary data 6488.prm

VendorProductVersionCPE
realnetworksrealplayercpe:/a:realnetworks:realplayer

Vendor	Product	Version	CPE
realnetworks	realplayer		cpe:/a:realnetworks:realplayer

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1904

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2406

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2411

service.real.com/realplayer/security/05152012_player/en

www.nessus.org/u?a70d3491

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.08 Low

EPSS

Percentile

94.3%

JSON

Related for 6488.PRM