CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
96.7%
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
realnetworks | helix_player | 1.0 | cpe:2.3:a:realnetworks:helix_player:1.0:*:*:*:*:linux:*:* |
realnetworks | realone_player | 1.0 | cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:* |
realnetworks | realone_player | 2.0 | cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:* |
realnetworks | realone_player | 9.0.0.288 | cpe:2.3:a:realnetworks:realone_player:9.0.0.288:*:*:*:*:macos:*:* |
realnetworks | realone_player | 9.0.0.297 | cpe:2.3:a:realnetworks:realone_player:9.0.0.297:*:*:*:*:macos:*:* |
realnetworks | realplayer | - | cpe:2.3:a:realnetworks:realplayer:-:*:*:*:enterprise:*:*:* |
realnetworks | realplayer | 8.0 | cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:* |
realnetworks | realplayer | 8.0 | cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:mac_os_x:*:* |
realnetworks | realplayer | 8.0 | cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:unix:*:* |
realnetworks | realplayer | 10.0 | cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:* |