Heap overflow

2007-10-3117:46:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.956 High

EPSS

Percentile

99.4%

JSON

Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.

CPENameOperatorVersion
realone_playereq2.0 windows
realplayereq10.0 10.0.7-linux
realplayereq10.5 6.0.12.1040-windows
realplayereq10.5 6.0.12.1741-windows
realplayereq10.0 10.0.9-linux
realplayereq10.1 10.0.0.396-mac
realplayereq10.5 6.0.12.1578-windows
realplayereq10.0 10.0.8-linux
realplayereq10.5 6.0.12.1698-windows
realplayereq10.0 10.0.0.305-mac

Name	Operator	Version
realone_player	eq	2.0 windows
realplayer	eq	10.0 10.0.7-linux
realplayer	eq	10.5 6.0.12.1040-windows
realplayer	eq	10.5 6.0.12.1741-windows
realplayer	eq	10.0 10.0.9-linux
realplayer	eq	10.1 10.0.0.396-mac
realplayer	eq	10.5 6.0.12.1578-windows
realplayer	eq	10.0 10.0.8-linux
realplayer	eq	10.5 6.0.12.1698-windows
realplayer	eq	10.0 10.0.0.305-mac