Tenable6574.PRMReal Networks RealPlayer < 15.0.6.14 Multiple Vulnerabilities
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.0%
The remote host is running RealPlayer, a multi-media application.
RealPlayer builds earlier than 15.0.6.14 are potentially affected by multiple vulnerabilities :
-
A buffer overflow error exists related to ‘AAC’ handling, specifically unpacking of the stream data. (CVE-2012-2407)
-
A heap-corruption error exists related to the ‘AAC SDK’ decoding. (CVE-2012-2408)
-
Two unspecified buffer overflow errors exist related to ‘RealMedia’. (CVE-2012-2409, CVE-2012-2410)
-
A divide-by-zero error exists related to ‘RealAudio’ and codec frame size. (CVE-2012-3234)
Binary data 6574.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| realnetworks | realplayer | cpe:/a:realnetworks:realplayer |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2410
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3234
service.real.com/realplayer/security/09072012_player/en
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.0%