CVE-2009-4242
RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
Desbordamiento de búfer basado en memoria dinámica en RealNetworks RealPlayer 10, RealPlayer v10.5 6.0.12.1040 hasta v6.0.12.1741, RealPlayer 11 v11.0.0 hasta v11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 y v10.1, Linux RealPlayer 10, y Helix Player v10.x, permite a atacantes remotos ejecutar código arbitrario a través de un fichero GIF con los tamaños de los fragmentos manipulados, que provocan un posicionamiento de memoria erróneo.
This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must open a malicious file or visit a malicious web site.
The specific flaw exists during the parsing of GIF files with forged chunk sizes. The player uses values from the file improperly when allocating a buffer on the heap. An attacker can abuse this to create and then overflow heap buffers leading to arbitrary code execution in the context of the currently logged in user.
*Credits:
Anonymous
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-12-09 CVE Reserved
- 2010-01-21 CVE Published
- 2024-07-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html | Mailing List | |
| http://osvdb.org/61966 | Vdb Entry | |
| http://secunia.com/advisories/38450 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/509096/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/37880 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/55795 | Vdb Entry | |
| https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://securitytracker.com/id?1023489 | 2018-10-10 | |
| http://service.real.com/realplayer/security/01192010_player/en | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2010/0178 | 2018-10-10 | |
| http://www.zerodayinitiative.com/advisories/ZDI-10-006 | 2018-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/38218 | 2018-10-10 | |
| http://www.redhat.com/support/errata/RHSA-2010-0094.html | 2018-10-10 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=561436 | 2010-02-09 | |
| https://access.redhat.com/security/cve/CVE-2009-4242 | 2010-02-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0 Search vendor "Realnetworks" for product "Realplayer" and version "11.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.1 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.2 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.2" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.3 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.3" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.4 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.4" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.5 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Enterprise Search vendor "Realnetworks" for product "Realplayer Enterprise" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Sp Search vendor "Realnetworks" for product "Realplayer Sp" | 1.0.0 Search vendor "Realnetworks" for product "Realplayer Sp" and version "1.0.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Sp Search vendor "Realnetworks" for product "Realplayer Sp" | 1.0.1 Search vendor "Realnetworks" for product "Realplayer Sp" and version "1.0.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.1 Search vendor "Realnetworks" for product "Realplayer" and version "10.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0 Search vendor "Realnetworks" for product "Realplayer" and version "11.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.1 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Realnetworks Search vendor "Realnetworks" | Helix Player Search vendor "Realnetworks" for product "Helix Player" | 10.0 Search vendor "Realnetworks" for product "Helix Player" and version "10.0" | - |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Helix Player Search vendor "Realnetworks" for product "Helix Player" | 11.0.0 Search vendor "Realnetworks" for product "Helix Player" and version "11.0.0" | - |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Helix Player Search vendor "Realnetworks" for product "Helix Player" | 11.0.1 Search vendor "Realnetworks" for product "Helix Player" and version "11.0.1" | - |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0" | linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.0 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.0" | linux |
Affected
| ||||||
| Realnetworks Search vendor "Realnetworks" | Realplayer Search vendor "Realnetworks" for product "Realplayer" | 11.0.1 Search vendor "Realnetworks" for product "Realplayer" and version "11.0.1" | linux |
Affected
| ||||||