Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-3410
HistoryJun 26, 2007 - 10:30 p.m.

CVE-2007-3410

2007-06-2622:30:00
CWE-119
[email protected]
web.nvd.nist.gov
3

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.953

Percentile

99.4%

JSON

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.

Affected configurations

Nvd
Node
realnetworkshelix_playerMatch10.0.5
OR
realnetworkshelix_playerMatch10.0.6
OR
realnetworkshelix_playerMatch10.0.7
OR
realnetworkshelix_playerMatch10.0.8
OR
realnetworkshelix_playerMatch10.5-gold
OR
realnetworksrealone_player
OR
realnetworksrealplayerMatch10.0
OR
realnetworksrealplayerMatch10.1
OR
realnetworksrealplayerMatch10.5
OR
realnetworksrealplayer_enterprise
VendorProductVersionCPE
realnetworkshelix_player10.0.5cpe:2.3:a:realnetworks:helix_player:10.0.5:*:*:*:*:*:*:*
realnetworkshelix_player10.0.6cpe:2.3:a:realnetworks:helix_player:10.0.6:*:*:*:*:*:*:*
realnetworkshelix_player10.0.7cpe:2.3:a:realnetworks:helix_player:10.0.7:*:*:*:*:*:*:*
realnetworkshelix_player10.0.8cpe:2.3:a:realnetworks:helix_player:10.0.8:*:*:*:*:*:*:*
realnetworkshelix_player10.5-goldcpe:2.3:a:realnetworks:helix_player:10.5-gold:*:*:*:*:*:*:*
realnetworksrealone_player*cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*
realnetworksrealplayer10.0cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
realnetworksrealplayer10.1cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*
realnetworksrealplayer10.5cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
realnetworksrealplayer_enterprise*cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*

References

Related

checkpoint_advisories 1
prion 1
nessus 10
securityvulns 2
saint 4
oraclelinux 1
openvas 6
fedora 1
d2 1
cert 1
redhat 2
cvelist 1
ubuntucve 1
seebug 1
centos 1
gentoo 1
exploitdb 1
cve 1
freebsd 1
checkpoint_advisories
checkpoint_advisories
RealNetworks Multiple Products SMIL wallclock Stack Overflow (CVE-2007-3410)
2009-10-04 00:00:00
prion
prion
Stack overflow
2007-06-26 22:30:00
nessus
nessus
RHEL 4 : HelixPlayer (RHSA-2007:0605)
2007-06-29 00:00:00
CentOS 4 : HelixPlayer (CESA-2007:0605)
2007-06-29 00:00:00
Fedora 7 : HelixPlayer-1.0.7-6.fc7 (2007-0756)
2007-11-06 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability
2007-06-27 00:00:00
RealPlayer / HelixPlayer buffer overflow
2007-06-27 00:00:00
saint
saint
RealPlayer SMIL file wallclock buffer overflow
2007-06-29 00:00:00
RealPlayer SMIL file wallclock buffer overflow
2007-06-29 00:00:00
RealPlayer SMIL file wallclock buffer overflow
2007-06-29 00:00:00
oraclelinux
oraclelinux
Critical: HelixPlayer security update
2007-06-27 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200709-05 (realplayer)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200709-05 (realplayer)
2008-09-24 00:00:00
Fedora Update for HelixPlayer FEDORA-2007-0756
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: HelixPlayer-1.0.7-6.fc7
2007-06-29 14:04:07
d2
d2
DSquare Exploit Pack: D2SEC_REAL_WALLCLOCK
2007-06-26 22:30:00
cert
cert
RealNetworks players SMIL "wallclock" buffer overflow
2007-06-28 00:00:00
redhat
redhat
(RHSA-2007:0605) Critical: HelixPlayer security update
2007-06-27 00:00:00
(RHSA-2007:0841) Critical: RealPlayer security update
2007-08-17 00:00:00
cvelist
cvelist
CVE-2007-3410
2007-06-26 22:00:00
ubuntucve
ubuntucve
CVE-2007-3410
2007-06-26 00:00:00
seebug
seebug
RealPlayer/HelixPlayer ParseWallClockValue函数栈缓冲区溢出漏洞
2007-06-28 00:00:00
centos
centos
HelixPlayer security update
2007-06-28 09:45:28
gentoo
gentoo
RealPlayer: Buffer overflow
2007-09-14 00:00:00
exploitdb
exploitdb
RealNetworks RealPlayer/HelixPlayer - SMIL wallclock Stack Overflow (PoC)
2007-06-27 00:00:00
cve
cve
CVE-2007-3410
2007-06-26 22:30:00
freebsd
freebsd
linux-realplayer -- multiple vulnerabilities
2007-10-25 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.953

Percentile

99.4%

JSON
Related for NVD:CVE-2007-3410
checkpoint_advisories1prion1nessus10securityvulns2saint4oraclelinux1openvas6fedora1d21cert1redhat2cvelist1ubuntucve1seebug1centos1gentoo1exploitdb1cve1freebsd1