CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.7%
Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files.
Vendor | Product | Version | CPE |
---|---|---|---|
realnetworks | helix_player | * | cpe:2.3:a:realnetworks:helix_player:*:*:*:*:*:*:*:* |
realnetworks | realone_player | 1.0 | cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:* |
realnetworks | realone_player | 2.0 | cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:* |
realnetworks | realplayer | * | cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:* |
realnetworks | realplayer | 8.0 | cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:* |
realnetworks | realplayer | 10.0 | cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:* |
realnetworks | realplayer | 10.5 | cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=110979465912834&w=2
marc.info/?l=vulnwatch&m=110977858619314&w=2
service.real.com/help/faq/security/050224_player/EN/
www.redhat.com/support/errata/RHSA-2005-265.html
www.redhat.com/support/errata/RHSA-2005-271.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11419