CVE-2009-0376
RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin.
Archivo dll en RealNetworks RealPlayer 11, permite a atacantes remotos ejecutar código de su elección a través de un archivo Internet Video Recording (IVR) manipulado con un campo modificado que controla el tamaño de una estructura sin especificar y lanza una corrupción en el montículo (heap), relacionado con el uso de RealPlayer a través del componente de Windows Explorer.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within RealPlayer's parsing of IVR files. The process trusts size values present in the file and uses them unsafely in various file I/O and memory allocation operations. A specially crafted file can cause memory overflows to occur leading to arbitrary code execution under the context of the user running the player.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-01-30 CVE Reserved
- 2009-02-06 CVE Published
- 2024-03-30 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/33810 | Third Party Advisory | |
| http://secunia.com/advisories/38218 | Third Party Advisory | |
| http://service.real.com/realplayer/security/01192010_player/en | X_refsource_confirm | |
| http://www.fortiguardcenter.com/advisory/FGA-2009-04.html | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/500722/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/509097/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/33652 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2010/0178 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-10-009 | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48568 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11 Search vendor "Realnetworks" for product "Realplayer" and version "11" | - |
Affected
| ||||||