Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:092A523357F81E7BEC14CF6AC3B66E48
HistoryOct 22, 2010 - 12:00 a.m.

RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution

2010-10-2200:00:00
SAINT Corporation
www.saintcorporation.com
17

EPSS

0.956

Percentile

99.4%

JSON

Added: 10/22/2010
CVE: CVE-2010-3747
BID: 44144
OSVDB: 68673

Background

RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages.

Problem

CDDA (cdda://) is a protocol used to locate media files on Compact Disc Digital Audio. The **Source** property of the ActiveX control with **ProgID** **rmocx.RealPlayer G2 Control.1** in **rmoc3260.dll** is used to specify the URI of the location of a media file via URIs based on **pnm:**, **file:**, or **http:** protocols, not **cdda:**. By setting the **Source** property to a CDDA URI, an attacker can cause code to be executed from an uninitialized pointer, and a long enough CDDA URI can control the value of the uninitialized pointer, thereby allowing remote code execution in the security context of the currently logged on user.

Resolution

See the RealNetworks advisory for fix information.

References

<http://www.zerodayinitiative.com/advisories/ZDI-10-210/&gt;

Limitations

Exploit works on RealNetworks Realplayer 11.1.1 and requires the user to open the exploit page using Internet Explorer 6 or 7.

Platforms

Windows

Related

cve 1
saint 3
prion 1
exploitdb 1
zdt 1
nvd 1
checkpoint_advisories 2
d2 1
zdi 1
cvelist 1
metasploit 1
packetstorm 1
nessus 3
openvas 2
cve
cve
CVE-2010-3747
2010-10-19 00:00:01
saint
saint
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
2010-10-22 00:00:00
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
2010-10-22 00:00:00
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
2010-10-22 00:00:00
prion
prion
Null pointer dereference
2010-10-19 00:00:00
exploitdb
exploitdb
RealNetworks RealPlayer - CDDA URI Initialization (Metasploit)
2011-03-17 00:00:00
zdt
zdt
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
2011-03-18 00:00:00
nvd
nvd
CVE-2010-3747
2010-10-19 00:00:01
checkpoint_advisories
checkpoint_advisories
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution (CVE-2010-3747)
2010-10-28 00:00:00
RealPlayer CDDA URI Code Execution - Ver2 (CVE-2010-3747)
2014-01-28 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_CDDAURI
2010-10-19 00:00:00
zdi
zdi
RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Remote Code Execution Vulnerability
2010-10-15 00:00:00
cvelist
cvelist
CVE-2010-3747
2010-10-18 22:00:00
metasploit
metasploit
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
2011-03-17 15:42:28
packetstorm
packetstorm
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
2011-03-18 00:00:00
nessus
nessus
RealPlayer Enterprise for Windows < Build 6.0.12.1823 Multiple Vulnerabilities
2010-10-19 00:00:00
Real Networks RealPlayer SP < 1.1.5 Multiple Vulnerabilities
2010-08-27 00:00:00
RealPlayer for Windows < Build 12.0.0.879 Multiple Vulnerabilities
2010-08-27 00:00:00
openvas
openvas
RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Dec10
2010-12-29 00:00:00
RealNetworks RealPlayer Multiple Vulnerabilities (Dec 2010) - Windows
2010-12-29 00:00:00

EPSS

0.956

Percentile

99.4%

JSON
Related for SAINT:092A523357F81E7BEC14CF6AC3B66E48
cve1saint3prion1exploitdb1zdt1nvd1checkpoint_advisories2d21zdi1cvelist1metasploit1packetstorm1nessus3openvas2