Vulnerabilities > CVE-2010-0116 - Numeric Errors vulnerability in Realnetworks Realplayer and Realplayer SP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows |
NASL id | REALPLAYER_12_0_0_879.NASL |
description | According to its build number, the installed version of RealPlayer on the remote Windows host has multiple buffer overflow vulnerabilities : - A RealPlayer malformed |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 48907 |
published | 2010-08-27 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/48907 |
title | RealPlayer for Windows < Build 12.0.0.879 Multiple Vulnerabilities |
Oval
accepted | 2010-11-01T04:00:11.124-04:00 | ||||
class | vulnerability | ||||
contributors |
| ||||
definition_extensions |
| ||||
description | Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow. | ||||
family | windows | ||||
id | oval:org.mitre.oval:def:7326 | ||||
status | accepted | ||||
submitted | 2010-09-22T01:48:18 | ||||
title | Integer overflow vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 | ||||
version | 5 |
References
- http://secunia.com/advisories/41096
- http://secunia.com/advisories/41154
- http://secunia.com/secunia_research/2010-3/
- http://service.real.com/realplayer/security/08262010_player/en/
- http://www.securitytracker.com/id?1024370
- http://www.vupen.com/english/advisories/2010/2216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61420
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7326