Search

Find a vulnerability

Search criteria

    40 vulnerabilities found for helix_player by realnetworks

    CVE-2010-0417 (GCVE-0-2010-0417)

    Vulnerability from nvd – Published: 2010-02-18 23:00 – Updated: 2024-08-07 00:45
    VLAI
    Summary
    Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:45:12.279Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11364",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[common-cvs] 20080114 util rlstate.cpp,1.9,1.10",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561860"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11364",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[common-cvs] 20080114 util rlstate.cpp,1.9,1.10",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561860"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0417",
        "datePublished": "2010-02-18T23:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:45:12.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0416 (GCVE-0-2010-0416)

    Vulnerability from nvd – Published: 2010-02-18 23:00 – Updated: 2024-08-07 00:45
    VLAI
    Summary
    Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:45:12.255Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/common/util/hxurl.cpp?view=log#rev1.24.4.1.4.1"
              },
              {
                "name": "[common-cvs] 20070703 util hxurl.cpp,1.24.4.1,1.24.4.1.4.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2007-July/014956.html"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561856"
              },
              {
                "name": "oval:org.mitre.oval:def:10847",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10847"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/common/util/hxurl.cpp?view=log#rev1.24.4.1.4.1"
            },
            {
              "name": "[common-cvs] 20070703 util hxurl.cpp,1.24.4.1,1.24.4.1.4.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2007-July/014956.html"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561856"
            },
            {
              "name": "oval:org.mitre.oval:def:10847",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10847"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0416",
        "datePublished": "2010-02-18T23:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:45:12.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4257 (GCVE-0-2009-4257)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
              },
              {
                "name": "realnetworks-realplayer-smil-bo(55798)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
              },
              {
                "name": "oval:org.mitre.oval:def:11110",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
            },
            {
              "name": "realnetworks-realplayer-smil-bo(55798)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
            },
            {
              "name": "oval:org.mitre.oval:def:11110",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
                },
                {
                  "name": "realnetworks-realplayer-smil-bo(55798)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561309",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
                },
                {
                  "name": "oval:org.mitre.oval:def:11110",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4257",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4248 (GCVE-0-2009-4248)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
              },
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[client-dev] 20080117 CR: fix for bug 211210",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "oval:org.mitre.oval:def:10641",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rtsp-setparameter-bo(55801)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
            },
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[client-dev] 20080117 CR: fix for bug 211210",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "oval:org.mitre.oval:def:10641",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rtsp-setparameter-bo(55801)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561361",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
                },
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "[client-dev] 20080117 CR: fix for bug 211210",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "oval:org.mitre.oval:def:10641",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rtsp-setparameter-bo(55801)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4248",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4247 (GCVE-0-2009-4247)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:10677",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
              },
              {
                "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
              },
              {
                "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rulebook-overflow(55802)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:10677",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
            },
            {
              "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
            },
            {
              "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rulebook-overflow(55802)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:10677",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
                },
                {
                  "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
                },
                {
                  "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561338",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rulebook-overflow(55802)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4247",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4246 (GCVE-0-2009-4246)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-skin-bo(55799)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
              },
              {
                "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-skin-bo(55799)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
            },
            {
              "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-skin-bo(55799)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
                },
                {
                  "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4246",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4245 (GCVE-0-2009-4245)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
              },
              {
                "name": "61969",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61969"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:9998",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "realplayer-gifimage-bo(55800)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
            },
            {
              "name": "61969",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61969"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:9998",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "realplayer-gifimage-bo(55800)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4245",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
                },
                {
                  "name": "61969",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61969"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:9998",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "realplayer-gifimage-bo(55800)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4245",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4244 (GCVE-0-2009-4244)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.240Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
              },
              {
                "name": "realplayer-sipr-bo(55797)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
              },
              {
                "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
            },
            {
              "name": "realplayer-sipr-bo(55797)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
            },
            {
              "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4244",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
                },
                {
                  "name": "realplayer-sipr-bo(55797)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
                },
                {
                  "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4244",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4243 (GCVE-0-2009-4243)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0178 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023489 vdb-entryx_refsource_SECTRACK
    http://service.real.com/realplayer/security/01192… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/61967 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/38218 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/37880 vdb-entryx_refsource_BID
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "realplayer-httpchunk-bo(55796)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
              },
              {
                "name": "61967",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61967"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "realplayer-httpchunk-bo(55796)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
            },
            {
              "name": "61967",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61967"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4243",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "realplayer-httpchunk-bo(55796)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
                },
                {
                  "name": "61967",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61967"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4243",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4242 (GCVE-0-2009-4242)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "oval:org.mitre.oval:def:10144",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
              },
              {
                "name": "realplayer-gif-bo(55795)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
              },
              {
                "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
              },
              {
                "name": "61966",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61966"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
              },
              {
                "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "oval:org.mitre.oval:def:10144",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
            },
            {
              "name": "realplayer-gif-bo(55795)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
            },
            {
              "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
            },
            {
              "name": "61966",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61966"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
            },
            {
              "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "oval:org.mitre.oval:def:10144",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
                },
                {
                  "name": "realplayer-gif-bo(55795)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561436",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
                },
                {
                  "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
                },
                {
                  "name": "61966",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61966"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
                },
                {
                  "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4242",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4241 (GCVE-0-2009-4241)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-asmrulebook-bo(55794)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-asmrulebook-bo(55794)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-asmrulebook-bo(55794)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4241",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4904 (GCVE-0-2007-4904)

    Vulnerability from nvd – Published: 2007-09-17 16:00 – Updated: 2024-08-07 15:08
    VLAI
    Summary
    RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/479081/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/25627 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://osvdb.org/39904 vdb-entryx_refsource_OSVDB
    Date Public
    2007-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:08:33.971Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "realplayer-helixplayer-au-dos(36545)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
              },
              {
                "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
              },
              {
                "name": "25627",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25627"
              },
              {
                "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
              },
              {
                "name": "39904",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39904"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "realplayer-helixplayer-au-dos(36545)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
            },
            {
              "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
            },
            {
              "name": "25627",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25627"
            },
            {
              "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
            },
            {
              "name": "39904",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39904"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4904",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "realplayer-helixplayer-au-dos(36545)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
                },
                {
                  "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
                },
                {
                  "name": "25627",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25627"
                },
                {
                  "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
                },
                {
                  "name": "39904",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39904"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4904",
        "datePublished": "2007-09-17T16:00:00.000Z",
        "dateReserved": "2007-09-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:08:33.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3410 (GCVE-0-2007-3410)

    Vulnerability from nvd – Published: 2007-06-26 22:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/26463 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200709-05.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/24658 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/2339 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2007-08… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/26828 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38342 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/770904 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2007-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/25859 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37374 vdb-entryx_refsource_OSVDB
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25819 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018297 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018299 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-06-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "oval:org.mitre.oval:def:10554",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
              },
              {
                "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
              },
              {
                "name": "26463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26463"
              },
              {
                "name": "GLSA-200709-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
              },
              {
                "name": "24658",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24658"
              },
              {
                "name": "ADV-2007-2339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2339"
              },
              {
                "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
              },
              {
                "name": "RHSA-2007:0841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
              },
              {
                "name": "26828",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26828"
              },
              {
                "name": "38342",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38342"
              },
              {
                "name": "VU#770904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/770904"
              },
              {
                "name": "RHSA-2007:0605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
              },
              {
                "name": "25859",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25859"
              },
              {
                "name": "37374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37374"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "25819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25819"
              },
              {
                "name": "1018297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018297"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "1018299",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018299"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "oval:org.mitre.oval:def:10554",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
            },
            {
              "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
            },
            {
              "name": "26463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26463"
            },
            {
              "name": "GLSA-200709-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
            },
            {
              "name": "24658",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24658"
            },
            {
              "name": "ADV-2007-2339",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2339"
            },
            {
              "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
            },
            {
              "name": "RHSA-2007:0841",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
            },
            {
              "name": "26828",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26828"
            },
            {
              "name": "38342",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38342"
            },
            {
              "name": "VU#770904",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/770904"
            },
            {
              "name": "RHSA-2007:0605",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
            },
            {
              "name": "25859",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25859"
            },
            {
              "name": "37374",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37374"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "25819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25819"
            },
            {
              "name": "1018297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018297"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "1018299",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018299"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "oval:org.mitre.oval:def:10554",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
                },
                {
                  "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
                },
                {
                  "name": "26463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26463"
                },
                {
                  "name": "GLSA-200709-05",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
                },
                {
                  "name": "24658",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24658"
                },
                {
                  "name": "ADV-2007-2339",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2339"
                },
                {
                  "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
                },
                {
                  "name": "RHSA-2007:0841",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
                },
                {
                  "name": "26828",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26828"
                },
                {
                  "name": "38342",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38342"
                },
                {
                  "name": "VU#770904",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/770904"
                },
                {
                  "name": "RHSA-2007:0605",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
                },
                {
                  "name": "25859",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25859"
                },
                {
                  "name": "37374",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37374"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "25819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25819"
                },
                {
                  "name": "1018297",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018297"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "1018299",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018299"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3410",
        "datePublished": "2007-06-26T22:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0323 (GCVE-0-2006-0323)

    Vulnerability from nvd – Published: 2006-03-23 23:00 – Updated: 2024-08-07 16:34
    VLAI
    Summary
    Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.service.real.com/realplayer/security/0… x_refsource_CONFIRM
    http://secunia.com/advisories/19358 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/19362 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/1057 vdb-entryx_refsource_VUPEN
    http://www.redhat.com/support/errata/RHSA-2006-02… vendor-advisoryx_refsource_REDHAT
    http://securityreason.com/securityalert/690 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/19365 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://securitytracker.com/id?1015806 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/17202 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/430621/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19390 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/231028 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2006-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:34:13.867Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
              },
              {
                "name": "19358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19358"
              },
              {
                "name": "SUSE-SA:2006:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
              },
              {
                "name": "19362",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19362"
              },
              {
                "name": "ADV-2006-1057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1057"
              },
              {
                "name": "RHSA-2006:0257",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
              },
              {
                "name": "690",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/690"
              },
              {
                "name": "19365",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19365"
              },
              {
                "name": "GLSA-200603-24",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
              },
              {
                "name": "1015806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015806"
              },
              {
                "name": "17202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17202"
              },
              {
                "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
              },
              {
                "name": "realnetworks-swf-bo(25408)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
              },
              {
                "name": "19390",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19390"
              },
              {
                "name": "VU#231028",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/231028"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
            },
            {
              "name": "19358",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19358"
            },
            {
              "name": "SUSE-SA:2006:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
            },
            {
              "name": "19362",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19362"
            },
            {
              "name": "ADV-2006-1057",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1057"
            },
            {
              "name": "RHSA-2006:0257",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
            },
            {
              "name": "690",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/690"
            },
            {
              "name": "19365",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19365"
            },
            {
              "name": "GLSA-200603-24",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
            },
            {
              "name": "1015806",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015806"
            },
            {
              "name": "17202",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17202"
            },
            {
              "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
            },
            {
              "name": "realnetworks-swf-bo(25408)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
            },
            {
              "name": "19390",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19390"
            },
            {
              "name": "VU#231028",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/231028"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0323",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.service.real.com/realplayer/security/03162006_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
                },
                {
                  "name": "19358",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19358"
                },
                {
                  "name": "SUSE-SA:2006:018",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
                },
                {
                  "name": "19362",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19362"
                },
                {
                  "name": "ADV-2006-1057",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1057"
                },
                {
                  "name": "RHSA-2006:0257",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
                },
                {
                  "name": "690",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/690"
                },
                {
                  "name": "19365",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19365"
                },
                {
                  "name": "GLSA-200603-24",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
                },
                {
                  "name": "1015806",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015806"
                },
                {
                  "name": "17202",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17202"
                },
                {
                  "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
                },
                {
                  "name": "realnetworks-swf-bo(25408)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
                },
                {
                  "name": "19390",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19390"
                },
                {
                  "name": "VU#231028",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/231028"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0323",
        "datePublished": "2006-03-23T23:00:00.000Z",
        "dateReserved": "2006-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:34:13.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2922 (GCVE-0-2005-2922)

    Vulnerability from nvd – Published: 2006-03-23 23:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.service.real.com/realplayer/security/0… x_refsource_CONFIRM
    http://secunia.com/advisories/19358 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.vupen.com/english/advisories/2006/1057 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015808 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2005-788.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19365 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17202 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/172489 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2005-762.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2006-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
              },
              {
                "name": "19358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19358"
              },
              {
                "name": "oval:org.mitre.oval:def:11444",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
              },
              {
                "name": "SUSE-SA:2006:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
              },
              {
                "name": "ADV-2006-1057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1057"
              },
              {
                "name": "1015808",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015808"
              },
              {
                "name": "RHSA-2005:788",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
              },
              {
                "name": "realnetworks-chunked-transferencoding-bo(25409)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
              },
              {
                "name": "19365",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19365"
              },
              {
                "name": "17202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17202"
              },
              {
                "name": "VU#172489",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/172489"
              },
              {
                "name": "RHSA-2005:762",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
            },
            {
              "name": "19358",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19358"
            },
            {
              "name": "oval:org.mitre.oval:def:11444",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
            },
            {
              "name": "SUSE-SA:2006:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
            },
            {
              "name": "ADV-2006-1057",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1057"
            },
            {
              "name": "1015808",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015808"
            },
            {
              "name": "RHSA-2005:788",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
            },
            {
              "name": "realnetworks-chunked-transferencoding-bo(25409)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
            },
            {
              "name": "19365",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19365"
            },
            {
              "name": "17202",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17202"
            },
            {
              "name": "VU#172489",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/172489"
            },
            {
              "name": "RHSA-2005:762",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2922",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.service.real.com/realplayer/security/03162006_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
                },
                {
                  "name": "19358",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19358"
                },
                {
                  "name": "oval:org.mitre.oval:def:11444",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
                },
                {
                  "name": "SUSE-SA:2006:018",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
                },
                {
                  "name": "ADV-2006-1057",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1057"
                },
                {
                  "name": "1015808",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015808"
                },
                {
                  "name": "RHSA-2005:788",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
                },
                {
                  "name": "realnetworks-chunked-transferencoding-bo(25409)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
                },
                {
                  "name": "19365",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19365"
                },
                {
                  "name": "17202",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17202"
                },
                {
                  "name": "VU#172489",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/172489"
                },
                {
                  "name": "RHSA-2005:762",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2922",
        "datePublished": "2006-03-23T23:00:00.000Z",
        "dateReserved": "2005-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0417 (GCVE-0-2010-0417)

    Vulnerability from cvelistv5 – Published: 2010-02-18 23:00 – Updated: 2024-08-07 00:45
    VLAI
    Summary
    Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:45:12.279Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11364",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[common-cvs] 20080114 util rlstate.cpp,1.9,1.10",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561860"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11364",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[common-cvs] 20080114 util rlstate.cpp,1.9,1.10",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561860"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0417",
        "datePublished": "2010-02-18T23:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:45:12.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0416 (GCVE-0-2010-0416)

    Vulnerability from cvelistv5 – Published: 2010-02-18 23:00 – Updated: 2024-08-07 00:45
    VLAI
    Summary
    Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:45:12.255Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/common/util/hxurl.cpp?view=log#rev1.24.4.1.4.1"
              },
              {
                "name": "[common-cvs] 20070703 util hxurl.cpp,1.24.4.1,1.24.4.1.4.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2007-July/014956.html"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561856"
              },
              {
                "name": "oval:org.mitre.oval:def:10847",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10847"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/common/util/hxurl.cpp?view=log#rev1.24.4.1.4.1"
            },
            {
              "name": "[common-cvs] 20070703 util hxurl.cpp,1.24.4.1,1.24.4.1.4.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/common-cvs/2007-July/014956.html"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561856"
            },
            {
              "name": "oval:org.mitre.oval:def:10847",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10847"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-0416",
        "datePublished": "2010-02-18T23:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:45:12.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4257 (GCVE-0-2009-4257)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
              },
              {
                "name": "realnetworks-realplayer-smil-bo(55798)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
              },
              {
                "name": "oval:org.mitre.oval:def:11110",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
            },
            {
              "name": "realnetworks-realplayer-smil-bo(55798)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
            },
            {
              "name": "oval:org.mitre.oval:def:11110",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
                },
                {
                  "name": "realnetworks-realplayer-smil-bo(55798)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561309",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
                },
                {
                  "name": "oval:org.mitre.oval:def:11110",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4257",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4245 (GCVE-0-2009-4245)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
              },
              {
                "name": "61969",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61969"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:9998",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "realplayer-gifimage-bo(55800)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
            },
            {
              "name": "61969",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61969"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:9998",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "realplayer-gifimage-bo(55800)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4245",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
                },
                {
                  "name": "61969",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61969"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:9998",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "realplayer-gifimage-bo(55800)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4245",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4241 (GCVE-0-2009-4241)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-asmrulebook-bo(55794)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-asmrulebook-bo(55794)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-asmrulebook-bo(55794)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4241",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4247 (GCVE-0-2009-4247)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:10677",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
              },
              {
                "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
              },
              {
                "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rulebook-overflow(55802)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:10677",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
            },
            {
              "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
            },
            {
              "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rulebook-overflow(55802)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:10677",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
                },
                {
                  "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
                },
                {
                  "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561338",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rulebook-overflow(55802)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4247",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4242 (GCVE-0-2009-4242)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "oval:org.mitre.oval:def:10144",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
              },
              {
                "name": "realplayer-gif-bo(55795)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
              },
              {
                "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
              },
              {
                "name": "61966",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61966"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
              },
              {
                "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "oval:org.mitre.oval:def:10144",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
            },
            {
              "name": "realplayer-gif-bo(55795)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
            },
            {
              "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
            },
            {
              "name": "61966",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61966"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
            },
            {
              "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "oval:org.mitre.oval:def:10144",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
                },
                {
                  "name": "realplayer-gif-bo(55795)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561436",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
                },
                {
                  "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
                },
                {
                  "name": "61966",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61966"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
                },
                {
                  "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4242",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4243 (GCVE-0-2009-4243)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0178 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023489 vdb-entryx_refsource_SECTRACK
    http://service.real.com/realplayer/security/01192… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/61967 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/38218 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/37880 vdb-entryx_refsource_BID
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "realplayer-httpchunk-bo(55796)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
              },
              {
                "name": "61967",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61967"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "realplayer-httpchunk-bo(55796)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
            },
            {
              "name": "61967",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61967"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4243",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "realplayer-httpchunk-bo(55796)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
                },
                {
                  "name": "61967",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61967"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4243",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4248 (GCVE-0-2009-4248)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
              },
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[client-dev] 20080117 CR: fix for bug 211210",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "oval:org.mitre.oval:def:10641",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rtsp-setparameter-bo(55801)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
            },
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[client-dev] 20080117 CR: fix for bug 211210",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "oval:org.mitre.oval:def:10641",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rtsp-setparameter-bo(55801)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561361",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
                },
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "[client-dev] 20080117 CR: fix for bug 211210",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "oval:org.mitre.oval:def:10641",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rtsp-setparameter-bo(55801)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4248",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4244 (GCVE-0-2009-4244)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.240Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
              },
              {
                "name": "realplayer-sipr-bo(55797)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
              },
              {
                "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
            },
            {
              "name": "realplayer-sipr-bo(55797)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
            },
            {
              "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4244",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
                },
                {
                  "name": "realplayer-sipr-bo(55797)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
                },
                {
                  "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4244",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4246 (GCVE-0-2009-4246)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-skin-bo(55799)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
              },
              {
                "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-skin-bo(55799)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
            },
            {
              "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-skin-bo(55799)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
                },
                {
                  "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4246",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4904 (GCVE-0-2007-4904)

    Vulnerability from cvelistv5 – Published: 2007-09-17 16:00 – Updated: 2024-08-07 15:08
    VLAI
    Summary
    RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/479081/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/25627 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://osvdb.org/39904 vdb-entryx_refsource_OSVDB
    Date Public
    2007-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:08:33.971Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "realplayer-helixplayer-au-dos(36545)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
              },
              {
                "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
              },
              {
                "name": "25627",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25627"
              },
              {
                "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
              },
              {
                "name": "39904",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39904"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "realplayer-helixplayer-au-dos(36545)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
            },
            {
              "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
            },
            {
              "name": "25627",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25627"
            },
            {
              "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
            },
            {
              "name": "39904",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39904"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4904",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "realplayer-helixplayer-au-dos(36545)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36545"
                },
                {
                  "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479081/100/0/threaded"
                },
                {
                  "name": "25627",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25627"
                },
                {
                  "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
                },
                {
                  "name": "39904",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39904"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4904",
        "datePublished": "2007-09-17T16:00:00.000Z",
        "dateReserved": "2007-09-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:08:33.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3410 (GCVE-0-2007-3410)

    Vulnerability from cvelistv5 – Published: 2007-06-26 22:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/26463 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200709-05.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/24658 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/2339 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2007-08… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/26828 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38342 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/770904 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2007-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/25859 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37374 vdb-entryx_refsource_OSVDB
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25819 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018297 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018299 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-06-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "oval:org.mitre.oval:def:10554",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
              },
              {
                "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
              },
              {
                "name": "26463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26463"
              },
              {
                "name": "GLSA-200709-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
              },
              {
                "name": "24658",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24658"
              },
              {
                "name": "ADV-2007-2339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2339"
              },
              {
                "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
              },
              {
                "name": "RHSA-2007:0841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
              },
              {
                "name": "26828",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26828"
              },
              {
                "name": "38342",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38342"
              },
              {
                "name": "VU#770904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/770904"
              },
              {
                "name": "RHSA-2007:0605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
              },
              {
                "name": "25859",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25859"
              },
              {
                "name": "37374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37374"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "25819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25819"
              },
              {
                "name": "1018297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018297"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "1018299",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018299"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "oval:org.mitre.oval:def:10554",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
            },
            {
              "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
            },
            {
              "name": "26463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26463"
            },
            {
              "name": "GLSA-200709-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
            },
            {
              "name": "24658",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24658"
            },
            {
              "name": "ADV-2007-2339",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2339"
            },
            {
              "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
            },
            {
              "name": "RHSA-2007:0841",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
            },
            {
              "name": "26828",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26828"
            },
            {
              "name": "38342",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38342"
            },
            {
              "name": "VU#770904",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/770904"
            },
            {
              "name": "RHSA-2007:0605",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
            },
            {
              "name": "25859",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25859"
            },
            {
              "name": "37374",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37374"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "25819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25819"
            },
            {
              "name": "1018297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018297"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "1018299",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018299"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "oval:org.mitre.oval:def:10554",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
                },
                {
                  "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
                },
                {
                  "name": "26463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26463"
                },
                {
                  "name": "GLSA-200709-05",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
                },
                {
                  "name": "24658",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24658"
                },
                {
                  "name": "ADV-2007-2339",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2339"
                },
                {
                  "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
                },
                {
                  "name": "RHSA-2007:0841",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
                },
                {
                  "name": "26828",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26828"
                },
                {
                  "name": "38342",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38342"
                },
                {
                  "name": "VU#770904",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/770904"
                },
                {
                  "name": "RHSA-2007:0605",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
                },
                {
                  "name": "25859",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25859"
                },
                {
                  "name": "37374",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37374"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "25819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25819"
                },
                {
                  "name": "1018297",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018297"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "1018299",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018299"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3410",
        "datePublished": "2007-06-26T22:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2922 (GCVE-0-2005-2922)

    Vulnerability from cvelistv5 – Published: 2006-03-23 23:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.service.real.com/realplayer/security/0… x_refsource_CONFIRM
    http://secunia.com/advisories/19358 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.vupen.com/english/advisories/2006/1057 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015808 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2005-788.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19365 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17202 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/172489 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2005-762.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2006-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
              },
              {
                "name": "19358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19358"
              },
              {
                "name": "oval:org.mitre.oval:def:11444",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
              },
              {
                "name": "SUSE-SA:2006:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
              },
              {
                "name": "ADV-2006-1057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1057"
              },
              {
                "name": "1015808",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015808"
              },
              {
                "name": "RHSA-2005:788",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
              },
              {
                "name": "realnetworks-chunked-transferencoding-bo(25409)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
              },
              {
                "name": "19365",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19365"
              },
              {
                "name": "17202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17202"
              },
              {
                "name": "VU#172489",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/172489"
              },
              {
                "name": "RHSA-2005:762",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
            },
            {
              "name": "19358",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19358"
            },
            {
              "name": "oval:org.mitre.oval:def:11444",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
            },
            {
              "name": "SUSE-SA:2006:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
            },
            {
              "name": "ADV-2006-1057",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1057"
            },
            {
              "name": "1015808",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015808"
            },
            {
              "name": "RHSA-2005:788",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
            },
            {
              "name": "realnetworks-chunked-transferencoding-bo(25409)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
            },
            {
              "name": "19365",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19365"
            },
            {
              "name": "17202",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17202"
            },
            {
              "name": "VU#172489",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/172489"
            },
            {
              "name": "RHSA-2005:762",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2922",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.service.real.com/realplayer/security/03162006_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
                },
                {
                  "name": "19358",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19358"
                },
                {
                  "name": "oval:org.mitre.oval:def:11444",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444"
                },
                {
                  "name": "SUSE-SA:2006:018",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
                },
                {
                  "name": "ADV-2006-1057",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1057"
                },
                {
                  "name": "1015808",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015808"
                },
                {
                  "name": "RHSA-2005:788",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
                },
                {
                  "name": "realnetworks-chunked-transferencoding-bo(25409)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409"
                },
                {
                  "name": "19365",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19365"
                },
                {
                  "name": "17202",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17202"
                },
                {
                  "name": "VU#172489",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/172489"
                },
                {
                  "name": "RHSA-2005:762",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2922",
        "datePublished": "2006-03-23T23:00:00.000Z",
        "dateReserved": "2005-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0323 (GCVE-0-2006-0323)

    Vulnerability from cvelistv5 – Published: 2006-03-23 23:00 – Updated: 2024-08-07 16:34
    VLAI
    Summary
    Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.service.real.com/realplayer/security/0… x_refsource_CONFIRM
    http://secunia.com/advisories/19358 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/19362 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/1057 vdb-entryx_refsource_VUPEN
    http://www.redhat.com/support/errata/RHSA-2006-02… vendor-advisoryx_refsource_REDHAT
    http://securityreason.com/securityalert/690 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/19365 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://securitytracker.com/id?1015806 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/17202 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/430621/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19390 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/231028 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2006-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:34:13.867Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
              },
              {
                "name": "19358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19358"
              },
              {
                "name": "SUSE-SA:2006:018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
              },
              {
                "name": "19362",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19362"
              },
              {
                "name": "ADV-2006-1057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1057"
              },
              {
                "name": "RHSA-2006:0257",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
              },
              {
                "name": "690",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/690"
              },
              {
                "name": "19365",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19365"
              },
              {
                "name": "GLSA-200603-24",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
              },
              {
                "name": "1015806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015806"
              },
              {
                "name": "17202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17202"
              },
              {
                "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
              },
              {
                "name": "realnetworks-swf-bo(25408)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
              },
              {
                "name": "19390",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19390"
              },
              {
                "name": "VU#231028",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/231028"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
            },
            {
              "name": "19358",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19358"
            },
            {
              "name": "SUSE-SA:2006:018",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
            },
            {
              "name": "19362",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19362"
            },
            {
              "name": "ADV-2006-1057",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1057"
            },
            {
              "name": "RHSA-2006:0257",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
            },
            {
              "name": "690",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/690"
            },
            {
              "name": "19365",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19365"
            },
            {
              "name": "GLSA-200603-24",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
            },
            {
              "name": "1015806",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015806"
            },
            {
              "name": "17202",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17202"
            },
            {
              "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
            },
            {
              "name": "realnetworks-swf-bo(25408)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
            },
            {
              "name": "19390",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19390"
            },
            {
              "name": "VU#231028",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/231028"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0323",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.service.real.com/realplayer/security/03162006_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"
                },
                {
                  "name": "19358",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19358"
                },
                {
                  "name": "SUSE-SA:2006:018",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html"
                },
                {
                  "name": "19362",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19362"
                },
                {
                  "name": "ADV-2006-1057",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1057"
                },
                {
                  "name": "RHSA-2006:0257",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2006-0257.html"
                },
                {
                  "name": "690",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/690"
                },
                {
                  "name": "19365",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19365"
                },
                {
                  "name": "GLSA-200603-24",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml"
                },
                {
                  "name": "1015806",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015806"
                },
                {
                  "name": "17202",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17202"
                },
                {
                  "name": "20060411 Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430621/100/0/threaded"
                },
                {
                  "name": "realnetworks-swf-bo(25408)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25408"
                },
                {
                  "name": "19390",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19390"
                },
                {
                  "name": "VU#231028",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/231028"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0323",
        "datePublished": "2006-03-23T23:00:00.000Z",
        "dateReserved": "2006-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:34:13.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }