CVSS: 9.3EPSS: 8%CPEs: 23EXPL: 0CVE-2010-4397 – RealNetworks RealPlayer AAC TIT2 Atom Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4397
Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file. Desbordamiento de entero en el módulo pnen3260.dll en RealNetworks RealPlayer v11.0 hasta v11.1, RealPlayer SP v1.0 hasta v1.1.1, Mac RealPlayer v11.0 hasta 11.1, y Linux RealPlayer v11.0.2.1744, permite a atacantes remotos ejecutar código de su elección a través de un atom TIT2 manipulado en un archivo AAC. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in RealPlayer's pnen3260.dll module while parsing the TIT2 atom within AAC files. The code within this module does not account for a negative size during an allocation and later uses the value as unsigned within a copy loop. • http://osvdb.org/69856 http://service.real.com/realplayer/security/12102010_player/en http://www.securitytracker.com/id?1024861 http://www.zerodayinitiative.com/advisories/ZDI-10-269 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 20%CPEs: 23EXPL: 0CVE-2010-4376 – RealNetworks RealPlayer RTSP GIF Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4376
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream. Desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.1, Mac RealPlayer v11.0 a v11.1 y Linux RealPlayer v11.0.2.1744 permite a atacantes remotos ejecutar código arbitrario a través de un valor de Ancho de pantalla demasiado alto en la cabecera "Screen Descriptor" de un fichero GIF87a en un stream RTSP. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the parsing of GIF87a files over the streaming protocol RTSP. When specifying a large Screen Width size in the Screen Descriptor header a calculation on the destination heap chunks size is improperly checked for overflow. • http://service.real.com/realplayer/security/12102010_player/en http://www.securityfocus.com/bid/45411 http://www.securitytracker.com/id?1024861 http://www.zerodayinitiative.com/advisories/ZDI-10-271 https://access.redhat.com/security/cve/CVE-2010-4376 https://bugzilla.redhat.com/show_bug.cgi?id=662772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 17EXPL: 0CVE-2010-2578
https://notcve.org/view.php?id=CVE-2010-2578
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file. Desbordamiento de buffer basado en pila en RealNetworks RealPlayer v11.0 hasta la v11.1, RealPlayer SP 1.0 hasta la v1.1.4, y RealPlayer Enterprise v2.1.2 permite a atacantes remotos tener un impacto sin especificar a través de un fichero QCP modificado. • http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2010-3748
https://notcve.org/view.php?id=CVE-2010-3748
Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors. Desbordamiento de buffer basado en pila en el componente RichFX de RealNetworks RealPlayer v11.0 hasta la v11.1, RealPlayer SP 1.0 hasta la v1.1.4, y RealPlayer Enterprise v2.1.2 permite a atacantes remotos provocar una impacto sin determinar a través de vectores desconocidos. • http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 18%CPEs: 16EXPL: 0CVE-2010-3751 – RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3751
Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler. Múltiples desbordamientos de buffer de memoria dinámica en un control ActiveX de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP 1.0 hasta la v1.1.4 permiten a atacantes remotos ejecutar código de su elección a través de un argumento .smil extenso al manejador del protocolo (1) tfile, (2) pnmm, o (3) cdda. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the RealPlayer ActiveX control. This module is responsible for handling the tfile, pnmm, cdda, protocol handlers. • http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 http://www.zerodayinitiative.com/advisories/ZDI-10-213 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •