Lucene search
HistoryDec 14, 2010 - 4:00 p.m.
CVE-2010-4386
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.029
Percentile
90.9%
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted RealMedia video file.
Affected configurations
Node
realnetworksrealplayerMatch11.0
ORrealnetworksrealplayerMatch11.0.1
ORrealnetworksrealplayerMatch11.0.2
ORrealnetworksrealplayerMatch11.0.3
ORrealnetworksrealplayerMatch11.0.4
ORrealnetworksrealplayerMatch11.0.5
ORrealnetworksrealplayerMatch11.1
Node
realnetworksrealplayer_spMatch1.0.0
ORrealnetworksrealplayer_spMatch1.0.1
ORrealnetworksrealplayer_spMatch1.0.2
ORrealnetworksrealplayer_spMatch1.0.5
ORrealnetworksrealplayer_spMatch1.1
ORrealnetworksrealplayer_spMatch1.1.1
ORrealnetworksrealplayer_spMatch1.1.2
ORrealnetworksrealplayer_spMatch1.1.3
ORrealnetworksrealplayer_spMatch1.1.4
Node
realnetworksrealplayerMatch11.0.2.1744
linuxlinux_kernel
| Vendor | Product | Version | CPE |
|---|---|---|---|
| realnetworks | realplayer | 11.0 | cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.0.1 | cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.0.2 | cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.0.3 | cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.0.4 | cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.0.5 | cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:* |
| realnetworks | realplayer | 11.1 | cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:* |
| realnetworks | realplayer_sp | 1.0.0 | cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:* |
| realnetworks | realplayer_sp | 1.0.1 | cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:* |
| realnetworks | realplayer_sp | 1.0.2 | cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-4386
2010-12-14 15:00:00
securityvulns
securityvulns
iDefense Security Advisory 12.10.10: RealNetworks RealPlayer Memory Corruption Vulnerability
2010-12-14 00:00:00
Real Player multiple security vulnerabilities
2010-12-21 00:00:00
cve
cve
CVE-2010-4386
2010-12-14 16:00:04
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:52:03
prion
prion
Memory corruption
2010-12-14 16:00:00
redhat
redhat
(RHSA-2010:0981) Critical: HelixPlayer removal
2010-12-14 00:00:00
oraclelinux
oraclelinux
HelixPlayer removal
2010-12-14 00:00:00
openvas
openvas
CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 i386
2011-08-09 00:00:00
CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 x86_64
2012-07-30 00:00:00
CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 x86_64
2012-07-30 00:00:00
nessus
nessus
CentOS 4 : HelixPlayer removal (CESA-2010:0981)
2011-01-28 00:00:00
Oracle Linux 4 : HelixPlayer removal (ELSA-2010-0981)
2013-07-12 00:00:00
Scientific Linux Security Update : HelixPlayer on SL4.x i386/x86_64
2012-08-01 00:00:00
centos
centos
HelixPlayer security update
2011-01-27 09:15:23
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.029
Percentile
90.9%
Related for NVD:CVE-2010-4386