Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-0694
HistoryFeb 21, 2011 - 6:00 p.m.

CVE-2011-0694

2011-02-2118:00:01
[email protected]
web.nvd.nist.gov
5

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.496

Percentile

97.5%

JSON

RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function.

Affected configurations

Nvd
Node
realnetworksrealplayerMatch11.0
OR
realnetworksrealplayerMatch11.1
Node
realnetworksrealplayerMatch14.0.0
OR
realnetworksrealplayerMatch14.0.1
Node
realnetworksrealplayer_spMatch1.0.0
OR
realnetworksrealplayer_spMatch1.0.1
OR
realnetworksrealplayer_spMatch1.0.2
OR
realnetworksrealplayer_spMatch1.0.5
OR
realnetworksrealplayer_spMatch1.1
OR
realnetworksrealplayer_spMatch1.1.1
OR
realnetworksrealplayer_spMatch1.1.2
OR
realnetworksrealplayer_spMatch1.1.3
OR
realnetworksrealplayer_spMatch1.1.4
OR
realnetworksrealplayer_spMatch1.1.5
Node
realnetworksrealplayerMatch2.0enterprise
OR
realnetworksrealplayerMatch2.1enterprise
OR
realnetworksrealplayerMatch2.1.2enterprise
OR
realnetworksrealplayerMatch2.1.3enterprise
OR
realnetworksrealplayerMatch2.1.4enterprise
VendorProductVersionCPE
realnetworksrealplayer11.0cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
realnetworksrealplayer11.1cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
realnetworksrealplayer14.0.0cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
realnetworksrealplayer14.0.1cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.0cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.1cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.2cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.0.5cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.1cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*
realnetworksrealplayer_sp1.1.1cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 191

Related

cvelist 1
securityvulns 2
prion 1
cve 1
zdi 1
nessus 2
openvas 2
cvelist
cvelist
CVE-2011-0694
2011-02-21 17:00:00
securityvulns
securityvulns
RealNetworks RealPlayer code execution
2011-02-11 00:00:00
ZDI-11-076: RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
2011-02-11 00:00:00
prion
prion
Cross site scripting
2011-02-21 18:00:00
cve
cve
CVE-2011-0694
2011-02-21 18:00:01
zdi
zdi
RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
2011-02-08 00:00:00
nessus
nessus
RealPlayer for Windows < Build 12.0.1.633 Multiple Remote Code Execution Vulnerabilities
2011-01-28 00:00:00
Real Networks RealPlayer < 14.0.2.633 (Build 12.0.1.633) Multiple Remote Code Execution Vulnerabilities
2010-11-15 00:00:00
openvas
openvas
RealNetworks RealPlayer Buffer Overflow Vulnerability - Windows
2011-02-18 00:00:00
RealNetworks RealPlayer Buffer Overflow Vulnerability (Windows)
2011-02-18 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.496

Percentile

97.5%

JSON
Related for NVD:CVE-2011-0694
cvelist1securityvulns2prion1cve1zdi1nessus2openvas2