Vulnerabilities > CVE-2010-0117 - Unspecified vulnerability in Realnetworks Realplayer and Realplayer SP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | REALPLAYER_12_0_0_879.NASL |
description | According to its build number, the installed version of RealPlayer on the remote Windows host has multiple buffer overflow vulnerabilities : - A RealPlayer malformed |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 48907 |
published | 2010-08-27 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/48907 |
title | RealPlayer for Windows < Build 12.0.0.879 Multiple Vulnerabilities |
Oval
accepted | 2010-11-01T04:00:08.796-04:00 | ||||
class | vulnerability | ||||
contributors |
| ||||
definition_extensions |
| ||||
description | RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content. | ||||
family | windows | ||||
id | oval:org.mitre.oval:def:7169 | ||||
status | accepted | ||||
submitted | 2010-09-22T01:48:18 | ||||
title | Vulnerability in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows during YUV420 transformations | ||||
version | 5 |
References
- http://secunia.com/advisories/41096
- http://secunia.com/advisories/41154
- http://secunia.com/secunia_research/2010-5/
- http://service.real.com/realplayer/security/08262010_player/en/
- http://www.securitytracker.com/id?1024370
- http://www.vupen.com/english/advisories/2010/2216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61421
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7169