CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.6%
Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in
datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10;
RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0
through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0;
Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to
execute arbitrary code via a GIF file with crafted chunk sizes that trigger
improper memory allocation.