CVSS: 10.0 | EPSS: 4% | CPEs: 1 | EXPL: 0

The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted arguments to the (1) AddTag, (2) Ping, (3) QueuePause, (4) QueueRemove, (5) QueueTop, (6) RemoveTag, (7) TagRemoved, or (8) message method.

References: http://www.osvdb.org/96919 http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf https://www.riskbasedsecurity.com/research/RBS-2013-006.pdf

CVSS: 7.2 | EPSS: 0% | CPEs: 2 | EXPL: 0

RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.

References: http://www.osvdb.org/96918 http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf https://www.riskbasedsecurity.com/research/RBS-2013-005.pdf

CWE-264: Permissions, Privileges, and Access Controls

CVSS: 2.6 | EPSS: 0% | CPEs: 1 | EXPL: 0

Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.

References: http://marc.info/?l=bugtraq&m=110792779115794&w=2 http://secunia.com/advisories/14187 http://securitytracker.com/id?1013128 http://www.securityfocus.com/bid/12494 https://exchange.xforce.ibmcloud.com/vulnerabilities/19260

CVSS: 5.1 | EPSS: 3% | CPEs: 1 | EXPL: 0

Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow.

References: http://marc.info/?l=bugtraq&m=110792779115794&w=2 http://secunia.com/advisories/14187 http://securitytracker.com/id?1013128 https://exchange.xforce.ibmcloud.com/vulnerabilities/19259