Lucene search

MitreCVE-2005-2922

HistoryMar 23, 2006 - 11:00 p.m.

CVE-2005-2922

2006-03-2323:00:00

CWE-119

mitre

web.nvd.nist.gov

cve-2005-2922

realnetworks

buffer overflow

remote code execution

denial of service

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.024

Percentile

89.9%

JSON

Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.

Affected configurations

Nvd

Node

realnetworkshelix_playerMatch10.0linux

realnetworkshelix_playerMatch10.0.1linux

realnetworkshelix_playerMatch10.0.2linux

realnetworkshelix_playerMatch10.0.3linux

realnetworkshelix_playerMatch10.0.4linux

realnetworkshelix_playerMatch10.0.5linux

realnetworkshelix_playerMatch10.0.6linux

realnetworksrealone_player

realnetworksrealone_playerMatch0.288mac_os_x

realnetworksrealone_playerMatch0.297mac_os_x

realnetworksrealone_playerMatch1.0

realnetworksrealone_playerMatch2.0

realnetworksrealplayerenterprise

realnetworksrealplayerMatch8.0win32

realnetworksrealplayerMatch10.0

realnetworksrealplayerMatch10.0.0.305mac_os

realnetworksrealplayerMatch10.0.0.331mac_os

realnetworksrealplayerMatch10.0.1linux

realnetworksrealplayerMatch10.0.2linux

realnetworksrealplayerMatch10.0.3linux

realnetworksrealplayerMatch10.0.4linux

realnetworksrealplayerMatch10.0.5linux

realnetworksrealplayerMatch10.0.6linux

realnetworksrealplayerMatch10.5

realnetworksrealplayerMatch10.5_6.0.12.1040

realnetworksrealplayerMatch10.5_6.0.12.1053

realnetworksrealplayerMatch10.5_6.0.12.1056

realnetworksrealplayerMatch10.5_6.0.12.1059

realnetworksrealplayerMatch10.5_6.0.12.1069

realnetworksrealplayerMatch10.5_6.0.12.1235

realnetworksrhapsodyMatch3.0

realnetworksrhapsodyMatch3.0_build_0.815

VendorProductVersionCPE
realnetworkshelix_player10.0cpe:2.3:a:realnetworks:helix_player:10.0:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.1cpe:2.3:a:realnetworks:helix_player:10.0.1:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.2cpe:2.3:a:realnetworks:helix_player:10.0.2:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.3cpe:2.3:a:realnetworks:helix_player:10.0.3:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.4cpe:2.3:a:realnetworks:helix_player:10.0.4:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.5cpe:2.3:a:realnetworks:helix_player:10.0.5:*:linux:*:*:*:*:*
realnetworkshelix_player10.0.6cpe:2.3:a:realnetworks:helix_player:10.0.6:*:linux:*:*:*:*:*
realnetworksrealone_player*cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*
realnetworksrealone_player0.288cpe:2.3:a:realnetworks:realone_player:0.288:*:mac_os_x:*:*:*:*:*
realnetworksrealone_player0.297cpe:2.3:a:realnetworks:realone_player:0.297:*:mac_os_x:*:*:*:*:*

Vendor	Product	Version	CPE
realnetworks	helix_player	10.0	cpe:2.3:a:realnetworks:helix_player:10.0::linux:::::
realnetworks	helix_player	10.0.1	cpe:2.3:a:realnetworks:helix_player:10.0.1::linux:::::
realnetworks	helix_player	10.0.2	cpe:2.3:a:realnetworks:helix_player:10.0.2::linux:::::
realnetworks	helix_player	10.0.3	cpe:2.3:a:realnetworks:helix_player:10.0.3::linux:::::
realnetworks	helix_player	10.0.4	cpe:2.3:a:realnetworks:helix_player:10.0.4::linux:::::
realnetworks	helix_player	10.0.5	cpe:2.3:a:realnetworks:helix_player:10.0.5::linux:::::
realnetworks	helix_player	10.0.6	cpe:2.3:a:realnetworks:helix_player:10.0.6::linux:::::
realnetworks	realone_player	*	cpe:2.3:a:realnetworks:realone_player::::::::
realnetworks	realone_player	0.288	cpe:2.3:a:realnetworks:realone_player:0.288::mac_os_x:::::
realnetworks	realone_player	0.297	cpe:2.3:a:realnetworks:realone_player:0.297::mac_os_x:::::