Lucene search

K
nessusTenable6574.PRM
HistorySep 12, 2012 - 12:00 a.m.

Real Networks RealPlayer < 15.0.6.14 Multiple Vulnerabilities

2012-09-1200:00:00
Tenable
www.tenable.com
7

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%

The remote host is running RealPlayer, a multi-media application.

RealPlayer builds earlier than 15.0.6.14 are potentially affected by multiple vulnerabilities :

  • A buffer overflow error exists related to ‘AAC’ handling, specifically unpacking of the stream data. (CVE-2012-2407)

  • A heap-corruption error exists related to the ‘AAC SDK’ decoding. (CVE-2012-2408)

  • Two unspecified buffer overflow errors exist related to ‘RealMedia’. (CVE-2012-2409, CVE-2012-2410)

  • A divide-by-zero error exists related to ‘RealAudio’ and codec frame size. (CVE-2012-3234)

Binary data 6574.prm
VendorProductVersionCPE
realnetworksrealplayercpe:/a:realnetworks:realplayer

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%