CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2010-4383 – HelixPlayer multiple flaws (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392, CVE-2010-4376)
https://notcve.org/view.php?id=CVE-2010-4383
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 12.0.0.1444, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted RA5 file. Un desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2, Mac RealPlayer v11.0 a v12.0.0.1444 y Linux RealPlayer v11.0.2.1744 permite a atacantes remotos tener un impacto no especificado a través de un archivo RA5 modificado. • http://service.real.com/realplayer/security/12102010_player/en http://www.redhat.com/support/errata/RHSA-2010-0981.html http://www.securitytracker.com/id?1024861 https://access.redhat.com/security/cve/CVE-2010-4383 https://bugzilla.redhat.com/show_bug.cgi?id=662772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2010-0125
https://notcve.org/view.php?id=CVE-2010-0125
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, which has unspecified impact and remote attack vectors. RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2 y Mac RealPlayer v11.0 a v12.0.0.1444 no analiza correctamente los datos de espectro en los archivos AAC, que tiene un impacto no especificado usando vectores de ataque remotos. • http://service.real.com/realplayer/security/12102010_player/en http://www.securitytracker.com/id?1024861 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2010-0121
https://notcve.org/view.php?id=CVE-2010-0121
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors. El codec cook en RealNetworks RealPlayer v11.0 hasta 11.1, RealPlayer SP 1.0 hasta v1.1.5, Mac RealPlayer 11.0 hasta v12.0.0.144, y Linux RealPlayer v11.0.2.1744 no realiza correctamente la inicialización, que tiene un impacto y unos vectores de ataque no especificados. • http://service.real.com/realplayer/security/12102010_player/en http://www.securitytracker.com/id?1024861 •
CVSS: 9.3EPSS: 0%CPEs: 26EXPL: 0CVE-2010-4381
https://notcve.org/view.php?id=CVE-2010-4381
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 allows remote attackers to have an unspecified impact via a crafted AAC file. Desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2 y Mac RealPlayer v11.0 a v12.0.0.1444 permite a atacantes remotos tener un impacto no especificado a través de un archivo AAC modificado. • http://service.real.com/realplayer/security/12102010_player/en http://www.securitytracker.com/id?1024861 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 27EXPL: 0CVE-2010-4387
https://notcve.org/view.php?id=CVE-2010-4387
The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file. El codec RealAudio en RealNetworks RealPlayer v11.0 hasta v11.1, RealPlayer SP v1.0 hasta v1.1.5, Mac RealPlayer v11.0 hasta v12.0.0.1444, y Linux RealPlayer v11.0.2.1744 permite a atacantes remotos ejecutar código de su elección y provocar una denegación de servicio (corrupción del montón de memoria) a través de una corriente de audio manipulada en un archivo RealMedia • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=884 http://service.real.com/realplayer/security/12102010_player/en http://www.securitytracker.com/id?1024861 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •