CVE-2007-2263
RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
Un Desbordamiento de búfer en la región Heap de la memoria en RealNetworks RealPlayer las versiones 10.0, 10.1 y posiblemente 10.5, RealOne Player y RealPlayer Enterprise permiten que los atacantes remotos ejecuten código arbitrario por medio de un archivo SWF (Flash) con encabezados de registro mal formados.
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists in RealPlayer's parsing of SWF files. The SWF rendering DLL RealPlayer uses fails to properly handle malformed record headers leading to an exploitable overflow. An attacker could exploit this vulnerability using an ActiveX control {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} and embedding the malicious swf file in the page or by convincing an affected user to directly open a SWF file using RealPlayer.
*Credits:
Anonymous
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-04-25 CVE Reserved
- 2007-10-31 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/38344 | Vdb Entry | |
| http://www.attrition.org/pipermail/vim/2007-October/001841.html | Mailing List | |
| http://www.securityfocus.com/archive/1/483110/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/26284 | Vdb Entry | |
| http://www.securitytracker.com/id?1018866 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-061.html | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37436 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/27361 | 2018-10-16 | |
| http://service.real.com/realplayer/security/10252007_player/en | 2018-10-16 | |
| http://www.securityfocus.com/bid/26214 | 2018-10-16 |
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/3628 | 2018-10-16 | |
| https://access.redhat.com/security/cve/CVE-2007-2263 | 2007-08-17 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=353671 | 2007-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Realnetworks Search vendor "Realnetworks" | Realone Player Search vendor "Realnetworks" for product "Realone Player" | * | mac, en |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realone Player Search vendor "Realnetworks" for product "Realone Player" | 2.0 Search vendor "Realnetworks" for product "Realone Player" and version "2.0" | windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.0.305, mac |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.0.331, mac |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.0.352, mac |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.5, linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.6, linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.7, linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.8, linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | 10.0.9, linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.1 Search vendor "Realnetworks" for product "Realplayer" and version "10.1" | 10.0.0.396, mac |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.1 Search vendor "Realnetworks" for product "Realplayer" and version "10.1" | 10.0.0.412, mac |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5" | 6.0.12.1040, windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5" | 6.0.12.1578, windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5" | 6.0.12.1698, windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5" | 6.0.12.1741, windows |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Enterprise Search vendor "Realnetworks" for product "Realplayer Enterprise" | * | windows, en |
Affected
| ||||||