Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-0323
HistoryMar 23, 2006 - 11:06 p.m.

CVE-2006-0323

2006-03-2323:06:00
CWE-119
mitre
web.nvd.nist.gov
35
cve-2006-0323
buffer overflow
swfformat.dll
realnetworks
remote code execution
crafted swf files

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON

Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.

Affected configurations

Nvd
Node
realnetworkshelix_player
OR
realnetworksrealone_player
OR
realnetworksrealplayerMatch10.0gold
OR
realnetworksrealplayerMatch10.0.6
OR
realnetworksrealplayerMatch10.5
OR
realnetworksrhapsodyMatch3
VendorProductVersionCPE
realnetworkshelix_player*cpe:2.3:a:realnetworks:helix_player:*:*:*:*:*:*:*:*
realnetworksrealone_player*cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*
realnetworksrealplayer10.0cpe:2.3:a:realnetworks:realplayer:10.0:gold:*:*:*:*:*:*
realnetworksrealplayer10.0.6cpe:2.3:a:realnetworks:realplayer:10.0.6:*:*:*:*:*:*:*
realnetworksrealplayer10.5cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
realnetworksrhapsody3cpe:2.3:a:realnetworks:rhapsody:3:*:*:*:*:*:*:*

Related

seebug 4
freebsd 1
openvas 4
prion 1
nessus 6
gentoo 1
exploitpack 2
redhat 1
packetstorm 1
cert 1
exploitdb 2
checkpoint_advisories 1
cvelist 1
nvd 1
kaspersky 1
securityvulns 2
zdt 1
suse 1
seebug
seebug
RealNetworks Multiple Products Multiple Buffer Overflow Vulnerabilities
2014-07-01 00:00:00
RealPlayer 10.5 (6.0.12.1040-1348) SWF Buffer Overflow PoC
2007-12-26 00:00:00
RealPlayer <= 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow PoC
2014-07-01 00:00:00
freebsd
freebsd
linux-realplayer -- buffer overrun
2006-03-23 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200603-24 (RealPlayer)
2008-09-24 00:00:00
FreeBSD Ports: linux-realplayer
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200603-24 (RealPlayer)
2008-09-24 00:00:00
prion
prion
Buffer overflow
2006-03-23 23:06:00
nessus
nessus
RHEL 3 / 4 : RealPlayer (RHSA-2006:0257)
2013-01-24 00:00:00
GLSA-200603-24 : RealPlayer: Buffer overflow vulnerability
2006-03-27 00:00:00
FreeBSD : linux-realplayer -- buffer overrun (25858c37-bdab-11da-b7d4-00123ffe8333)
2006-05-13 00:00:00
gentoo
gentoo
RealPlayer: Buffer overflow vulnerability
2006-03-26 00:00:00
exploitpack
exploitpack
RealNetworks (Multiple Products) - Multiple Buffer Overflow Vulnerabilities
2006-03-23 00:00:00
RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
2006-03-28 00:00:00
redhat
redhat
(RHSA-2006:0257) RealPlayer security update
2006-03-22 00:00:00
packetstorm
packetstorm
realplayer-swf-PoC.pl.txt
2006-04-01 00:00:00
cert
cert
RealNetworks products vulnerable to buffer overflow via specially crafted flash media file
2006-04-01 00:00:00
exploitdb
exploitdb
RealNetworks (Multiple Products) - Multiple Buffer Overflow Vulnerabilities
2006-03-23 00:00:00
RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
2006-03-28 00:00:00
checkpoint_advisories
checkpoint_advisories
RealNetworks RealPlayer SWF Flash File Buffer Overflow (CVE-2006-0323)
2010-02-21 00:00:00
cvelist
cvelist
CVE-2006-0323
2006-03-23 23:00:00
nvd
nvd
CVE-2006-0323
2006-03-23 23:06:00
kaspersky
kaspersky
KLA10310 ACE vulnerability in RealNetworks
2006-03-23 00:00:00
securityvulns
securityvulns
[Full-disclosure] Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities
2006-04-11 00:00:00
[Full-disclosure] SUSE Security Announcement: RealPlayer security problems &#40;SUSE-SA:2006:018&#41;
2006-03-23 00:00:00
zdt
zdt
RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer Overflow PoC
2006-03-28 00:00:00
suse
suse
remote code execution in RealPlayer
2006-03-23 12:04:47

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON
Related for CVE-2006-0323
seebug4freebsd1openvas4prion1nessus6gentoo1exploitpack2redhat1packetstorm1cert1exploitdb2checkpoint_advisories1cvelist1nvd1kaspersky1securityvulns2zdt1suse1