Lucene search

[email protected]NVD:CVE-2012-1904

HistoryMar 28, 2012 - 10:55 a.m.

CVE-2012-1904

2012-03-2810:55:00

CWE-119

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.

Affected configurations

NVD

Node

realnetworksrealplayerRange≤15.0.0

realnetworksrealplayerMatch4

realnetworksrealplayerMatch5

realnetworksrealplayerMatch6

realnetworksrealplayerMatch7

realnetworksrealplayerMatch8

realnetworksrealplayerMatch10.0

realnetworksrealplayerMatch10.5

realnetworksrealplayerMatch11.0

realnetworksrealplayerMatch11.0.1

realnetworksrealplayerMatch11.0.2

realnetworksrealplayerMatch11.0.2.1744

realnetworksrealplayerMatch11.0.2.2315

realnetworksrealplayerMatch11.0.3

realnetworksrealplayerMatch11.0.4

realnetworksrealplayerMatch11.0.5

realnetworksrealplayerMatch11.1

realnetworksrealplayerMatch11.1.3

realnetworksrealplayerMatch11_build_6.0.14.748

realnetworksrealplayerMatch12.0.0.1444

realnetworksrealplayerMatch12.0.0.1548

realnetworksrealplayerMatch14.0.0

realnetworksrealplayerMatch14.0.1

realnetworksrealplayerMatch14.0.1.609

realnetworksrealplayerMatch14.0.2

realnetworksrealplayerMatch14.0.3

realnetworksrealplayerMatch14.0.4

realnetworksrealplayerMatch14.0.5

Node

realnetworksrealplayer_spRange≤1.1.4

realnetworksrealplayer_spMatch1.0.0

realnetworksrealplayer_spMatch1.0.1

realnetworksrealplayer_spMatch1.0.2

realnetworksrealplayer_spMatch1.0.5

realnetworksrealplayer_spMatch1.1

realnetworksrealplayer_spMatch1.1.1

realnetworksrealplayer_spMatch1.1.2

realnetworksrealplayer_spMatch1.1.3

References

packetstormsecurity.org/files/111162/RealPlayer-1.1.4-Memory-Corruption.html

secunia.com/advisories/49193

www.securitytracker.com/id?1027076

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for NVD:CVE-2012-1904

cve1 prion1 cvelist1 nessus2 openvas2