Search

Find a vulnerability

Search criteria

    28 vulnerabilities found for realplayer_enterprise by realnetworks

    CVE-2009-4257 (GCVE-0-2009-4257)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
              },
              {
                "name": "realnetworks-realplayer-smil-bo(55798)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
              },
              {
                "name": "oval:org.mitre.oval:def:11110",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
            },
            {
              "name": "realnetworks-realplayer-smil-bo(55798)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
            },
            {
              "name": "oval:org.mitre.oval:def:11110",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
                },
                {
                  "name": "realnetworks-realplayer-smil-bo(55798)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561309",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
                },
                {
                  "name": "oval:org.mitre.oval:def:11110",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4257",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4248 (GCVE-0-2009-4248)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
              },
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[client-dev] 20080117 CR: fix for bug 211210",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "oval:org.mitre.oval:def:10641",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rtsp-setparameter-bo(55801)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
            },
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[client-dev] 20080117 CR: fix for bug 211210",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "oval:org.mitre.oval:def:10641",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rtsp-setparameter-bo(55801)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561361",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
                },
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "[client-dev] 20080117 CR: fix for bug 211210",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "oval:org.mitre.oval:def:10641",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rtsp-setparameter-bo(55801)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4248",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4247 (GCVE-0-2009-4247)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:10677",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
              },
              {
                "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
              },
              {
                "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rulebook-overflow(55802)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:10677",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
            },
            {
              "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
            },
            {
              "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rulebook-overflow(55802)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:10677",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
                },
                {
                  "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
                },
                {
                  "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561338",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rulebook-overflow(55802)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4247",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4246 (GCVE-0-2009-4246)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-skin-bo(55799)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
              },
              {
                "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-skin-bo(55799)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
            },
            {
              "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-skin-bo(55799)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
                },
                {
                  "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4246",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4245 (GCVE-0-2009-4245)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
              },
              {
                "name": "61969",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61969"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:9998",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "realplayer-gifimage-bo(55800)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
            },
            {
              "name": "61969",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61969"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:9998",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "realplayer-gifimage-bo(55800)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4245",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
                },
                {
                  "name": "61969",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61969"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:9998",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "realplayer-gifimage-bo(55800)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4245",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4244 (GCVE-0-2009-4244)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.240Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
              },
              {
                "name": "realplayer-sipr-bo(55797)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
              },
              {
                "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
            },
            {
              "name": "realplayer-sipr-bo(55797)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
            },
            {
              "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4244",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
                },
                {
                  "name": "realplayer-sipr-bo(55797)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
                },
                {
                  "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4244",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4243 (GCVE-0-2009-4243)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0178 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023489 vdb-entryx_refsource_SECTRACK
    http://service.real.com/realplayer/security/01192… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/61967 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/38218 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/37880 vdb-entryx_refsource_BID
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "realplayer-httpchunk-bo(55796)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
              },
              {
                "name": "61967",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61967"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "realplayer-httpchunk-bo(55796)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
            },
            {
              "name": "61967",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61967"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4243",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "realplayer-httpchunk-bo(55796)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
                },
                {
                  "name": "61967",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61967"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4243",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4242 (GCVE-0-2009-4242)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "oval:org.mitre.oval:def:10144",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
              },
              {
                "name": "realplayer-gif-bo(55795)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
              },
              {
                "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
              },
              {
                "name": "61966",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61966"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
              },
              {
                "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "oval:org.mitre.oval:def:10144",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
            },
            {
              "name": "realplayer-gif-bo(55795)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
            },
            {
              "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
            },
            {
              "name": "61966",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61966"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
            },
            {
              "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "oval:org.mitre.oval:def:10144",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
                },
                {
                  "name": "realplayer-gif-bo(55795)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561436",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
                },
                {
                  "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
                },
                {
                  "name": "61966",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61966"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
                },
                {
                  "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4242",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4241 (GCVE-0-2009-4241)

    Vulnerability from nvd – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-asmrulebook-bo(55794)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-asmrulebook-bo(55794)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-asmrulebook-bo(55794)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4241",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2263 (GCVE-0-2007-2263)

    Vulnerability from nvd – Published: 2007-10-31 17:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.289Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
              },
              {
                "name": "38344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38344"
              },
              {
                "name": "realplayer-swf-bo(37436)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
              },
              {
                "name": "oval:org.mitre.oval:def:11432",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
              },
              {
                "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018866"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "26284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26284"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
            },
            {
              "name": "38344",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38344"
            },
            {
              "name": "realplayer-swf-bo(37436)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
            },
            {
              "name": "oval:org.mitre.oval:def:11432",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
            },
            {
              "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018866"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "26284",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26284"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2263",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
                },
                {
                  "name": "38344",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38344"
                },
                {
                  "name": "realplayer-swf-bo(37436)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
                },
                {
                  "name": "oval:org.mitre.oval:def:11432",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
                },
                {
                  "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018866"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "26284",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26284"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2263",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.289Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5080 (GCVE-0-2007-5080)

    Vulnerability from nvd – Published: 2007-10-31 17:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "realplayer-mp3-bo(37434)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018866"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
              },
              {
                "name": "VU#759385",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/759385"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "realplayer-mp3-bo(37434)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018866"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
            },
            {
              "name": "VU#759385",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/759385"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5080",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "realplayer-mp3-bo(37434)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018866"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
                },
                {
                  "name": "VU#759385",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/759385"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5080",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2264 (GCVE-0-2007-2264)

    Vulnerability from nvd – Published: 2007-10-31 17:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018866"
              },
              {
                "name": "realplayer-ram-bo(37437)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
              },
              {
                "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "oval:org.mitre.oval:def:9100",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018866"
            },
            {
              "name": "realplayer-ram-bo(37437)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
            },
            {
              "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "oval:org.mitre.oval:def:9100",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018866"
                },
                {
                  "name": "realplayer-ram-bo(37437)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
                },
                {
                  "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "oval:org.mitre.oval:def:9100",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2264",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5081 (GCVE-0-2007-5081)

    Vulnerability from nvd – Published: 2007-10-31 17:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    http://securitytracker.com/id?1018866 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38340 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/26214 vdb-entryx_refsource_BID
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018866"
              },
              {
                "name": "oval:org.mitre.oval:def:11625",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "realplayer-rm-bo(37435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "38340",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38340"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018866"
            },
            {
              "name": "oval:org.mitre.oval:def:11625",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "realplayer-rm-bo(37435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "38340",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38340"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018866"
                },
                {
                  "name": "oval:org.mitre.oval:def:11625",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "realplayer-rm-bo(37435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "38340",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38340"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5081",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3410 (GCVE-0-2007-3410)

    Vulnerability from nvd – Published: 2007-06-26 22:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/26463 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200709-05.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/24658 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/2339 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2007-08… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/26828 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38342 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/770904 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2007-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/25859 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37374 vdb-entryx_refsource_OSVDB
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25819 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018297 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018299 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-06-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "oval:org.mitre.oval:def:10554",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
              },
              {
                "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
              },
              {
                "name": "26463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26463"
              },
              {
                "name": "GLSA-200709-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
              },
              {
                "name": "24658",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24658"
              },
              {
                "name": "ADV-2007-2339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2339"
              },
              {
                "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
              },
              {
                "name": "RHSA-2007:0841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
              },
              {
                "name": "26828",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26828"
              },
              {
                "name": "38342",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38342"
              },
              {
                "name": "VU#770904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/770904"
              },
              {
                "name": "RHSA-2007:0605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
              },
              {
                "name": "25859",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25859"
              },
              {
                "name": "37374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37374"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "25819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25819"
              },
              {
                "name": "1018297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018297"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "1018299",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018299"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "oval:org.mitre.oval:def:10554",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
            },
            {
              "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
            },
            {
              "name": "26463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26463"
            },
            {
              "name": "GLSA-200709-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
            },
            {
              "name": "24658",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24658"
            },
            {
              "name": "ADV-2007-2339",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2339"
            },
            {
              "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
            },
            {
              "name": "RHSA-2007:0841",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
            },
            {
              "name": "26828",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26828"
            },
            {
              "name": "38342",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38342"
            },
            {
              "name": "VU#770904",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/770904"
            },
            {
              "name": "RHSA-2007:0605",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
            },
            {
              "name": "25859",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25859"
            },
            {
              "name": "37374",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37374"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "25819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25819"
            },
            {
              "name": "1018297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018297"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "1018299",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018299"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "oval:org.mitre.oval:def:10554",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
                },
                {
                  "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
                },
                {
                  "name": "26463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26463"
                },
                {
                  "name": "GLSA-200709-05",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
                },
                {
                  "name": "24658",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24658"
                },
                {
                  "name": "ADV-2007-2339",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2339"
                },
                {
                  "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
                },
                {
                  "name": "RHSA-2007:0841",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
                },
                {
                  "name": "26828",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26828"
                },
                {
                  "name": "38342",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38342"
                },
                {
                  "name": "VU#770904",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/770904"
                },
                {
                  "name": "RHSA-2007:0605",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
                },
                {
                  "name": "25859",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25859"
                },
                {
                  "name": "37374",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37374"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "25819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25819"
                },
                {
                  "name": "1018297",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018297"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "1018299",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018299"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3410",
        "datePublished": "2007-06-26T22:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4247 (GCVE-0-2009-4247)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:10677",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
              },
              {
                "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
              },
              {
                "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rulebook-overflow(55802)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:10677",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
            },
            {
              "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
            },
            {
              "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rulebook-overflow(55802)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an \"array overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:10677",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677"
                },
                {
                  "name": "[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245"
                },
                {
                  "name": "[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561338",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561338"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rulebook-overflow(55802)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55802"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4247",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4243 (GCVE-0-2009-4243)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0178 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1023489 vdb-entryx_refsource_SECTRACK
    http://service.real.com/realplayer/security/01192… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/61967 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/38218 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/37880 vdb-entryx_refsource_BID
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.171Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "realplayer-httpchunk-bo(55796)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
              },
              {
                "name": "61967",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61967"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "realplayer-httpchunk-bo(55796)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
            },
            {
              "name": "61967",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61967"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4243",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an \"overflow.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "realplayer-httpchunk-bo(55796)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55796"
                },
                {
                  "name": "61967",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61967"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4243",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4244 (GCVE-0-2009-4244)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.240Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
              },
              {
                "name": "realplayer-sipr-bo(55797)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
              },
              {
                "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
            },
            {
              "name": "realplayer-sipr-bo(55797)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
            },
            {
              "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4244",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-008/"
                },
                {
                  "name": "realplayer-sipr-bo(55797)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55797"
                },
                {
                  "name": "20100121 ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509098/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4244",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4242 (GCVE-0-2009-4242)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "oval:org.mitre.oval:def:10144",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
              },
              {
                "name": "realplayer-gif-bo(55795)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
              },
              {
                "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
              },
              {
                "name": "61966",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61966"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
              },
              {
                "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "oval:org.mitre.oval:def:10144",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
            },
            {
              "name": "realplayer-gif-bo(55795)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
            },
            {
              "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
            },
            {
              "name": "61966",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61966"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
            },
            {
              "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "oval:org.mitre.oval:def:10144",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144"
                },
                {
                  "name": "realplayer-gif-bo(55795)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55795"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561436",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561436"
                },
                {
                  "name": "[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-006/"
                },
                {
                  "name": "61966",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61966"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8"
                },
                {
                  "name": "20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509096/100/0/threaded"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4242",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4241 (GCVE-0-2009-4241)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-asmrulebook-bo(55794)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-asmrulebook-bo(55794)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-asmrulebook-bo(55794)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55794"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "20100121 ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509100/100/0/threaded"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-005/"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4241",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4245 (GCVE-0-2009-4245)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
              },
              {
                "name": "61969",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/61969"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "oval:org.mitre.oval:def:9998",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "realplayer-gifimage-bo(55800)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
            },
            {
              "name": "61969",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/61969"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "oval:org.mitre.oval:def:9998",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "realplayer-gifimage-bo(55800)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4245",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
                },
                {
                  "name": "61969",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/61969"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "oval:org.mitre.oval:def:9998",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "realplayer-gifimage-bo(55800)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4245",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4257 (GCVE-0-2009-4257)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
              },
              {
                "name": "realnetworks-realplayer-smil-bo(55798)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
              },
              {
                "name": "oval:org.mitre.oval:def:11110",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
            },
            {
              "name": "realnetworks-realplayer-smil-bo(55798)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
            },
            {
              "name": "oval:org.mitre.oval:def:11110",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
                },
                {
                  "name": "realnetworks-realplayer-smil-bo(55798)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561309",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
                },
                {
                  "name": "oval:org.mitre.oval:def:11110",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4257",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4248 (GCVE-0-2009-4248)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
              },
              {
                "name": "RHSA-2010:0094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
              },
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "name": "38450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38450"
              },
              {
                "name": "[client-dev] 20080117 CR: fix for bug 211210",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "oval:org.mitre.oval:def:10641",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
              },
              {
                "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              },
              {
                "name": "realplayer-rtsp-setparameter-bo(55801)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
            },
            {
              "name": "RHSA-2010:0094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "38450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "[client-dev] 20080117 CR: fix for bug 211210",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "oval:org.mitre.oval:def:10641",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
            },
            {
              "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            },
            {
              "name": "realplayer-rtsp-setparameter-bo(55801)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561361",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561361"
                },
                {
                  "name": "RHSA-2010:0094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
                },
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "38450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38450"
                },
                {
                  "name": "[client-dev] 20080117 CR: fix for bug 211210",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-dev/2008-January/004591.html"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003759.html"
                },
                {
                  "name": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86",
                  "refsource": "CONFIRM",
                  "url": "https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.86"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "oval:org.mitre.oval:def:10641",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10641"
                },
                {
                  "name": "[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19",
                  "refsource": "MLIST",
                  "url": "http://lists.helixcommunity.org/pipermail/client-cvs/2008-January/003756.html"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                },
                {
                  "name": "realplayer-rtsp-setparameter-bo(55801)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4248",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4246 (GCVE-0-2009-4246)

    Vulnerability from cvelistv5 – Published: 2010-01-25 19:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-01-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:10.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0178"
              },
              {
                "name": "realplayer-skin-bo(55799)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
              },
              {
                "name": "1023489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023489"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/01192010_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
              },
              {
                "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
              },
              {
                "name": "38218",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38218"
              },
              {
                "name": "37880",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37880"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-0178",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "realplayer-skin-bo(55799)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
            },
            {
              "name": "1023489",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
            },
            {
              "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
            },
            {
              "name": "38218",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "37880",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0178",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0178"
                },
                {
                  "name": "realplayer-skin-bo(55799)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55799"
                },
                {
                  "name": "1023489",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023489"
                },
                {
                  "name": "http://service.real.com/realplayer/security/01192010_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/01192010_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-010/"
                },
                {
                  "name": "20100121 ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509104/100/0/threaded"
                },
                {
                  "name": "38218",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38218"
                },
                {
                  "name": "37880",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37880"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4246",
        "datePublished": "2010-01-25T19:00:00.000Z",
        "dateReserved": "2009-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:10.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2263 (GCVE-0-2007-2263)

    Vulnerability from cvelistv5 – Published: 2007-10-31 17:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.289Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
              },
              {
                "name": "38344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38344"
              },
              {
                "name": "realplayer-swf-bo(37436)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
              },
              {
                "name": "oval:org.mitre.oval:def:11432",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
              },
              {
                "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018866"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "26284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26284"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
            },
            {
              "name": "38344",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38344"
            },
            {
              "name": "realplayer-swf-bo(37436)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
            },
            {
              "name": "oval:org.mitre.oval:def:11432",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
            },
            {
              "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018866"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "26284",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26284"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2263",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-061.html"
                },
                {
                  "name": "38344",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38344"
                },
                {
                  "name": "realplayer-swf-bo(37436)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37436"
                },
                {
                  "name": "oval:org.mitre.oval:def:11432",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432"
                },
                {
                  "name": "20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483110/100/0/threaded"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018866"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "26284",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26284"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2263",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.289Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5080 (GCVE-0-2007-5080)

    Vulnerability from cvelistv5 – Published: 2007-10-31 17:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "realplayer-mp3-bo(37434)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018866"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
              },
              {
                "name": "VU#759385",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/759385"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "realplayer-mp3-bo(37434)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018866"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
            },
            {
              "name": "VU#759385",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/759385"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5080",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "realplayer-mp3-bo(37434)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018866"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/"
                },
                {
                  "name": "VU#759385",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/759385"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5080",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2264 (GCVE-0-2007-2264)

    Vulnerability from cvelistv5 – Published: 2007-10-31 17:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018866"
              },
              {
                "name": "realplayer-ram-bo(37437)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
              },
              {
                "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "oval:org.mitre.oval:def:9100",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018866"
            },
            {
              "name": "realplayer-ram-bo(37437)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
            },
            {
              "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "oval:org.mitre.oval:def:9100",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-063.html"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018866"
                },
                {
                  "name": "realplayer-ram-bo(37437)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37437"
                },
                {
                  "name": "20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483113/100/0/threaded"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "oval:org.mitre.oval:def:9100",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2264",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5081 (GCVE-0-2007-5081)

    Vulnerability from cvelistv5 – Published: 2007-10-31 17:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    http://securitytracker.com/id?1018866 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38340 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/26214 vdb-entryx_refsource_BID
    Date Public
    2007-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "1018866",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018866"
              },
              {
                "name": "oval:org.mitre.oval:def:11625",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "realplayer-rm-bo(37435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "38340",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38340"
              },
              {
                "name": "26214",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26214"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "1018866",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018866"
            },
            {
              "name": "oval:org.mitre.oval:def:11625",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "realplayer-rm-bo(37435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "38340",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38340"
            },
            {
              "name": "26214",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26214"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "1018866",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018866"
                },
                {
                  "name": "oval:org.mitre.oval:def:11625",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "realplayer-rm-bo(37435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "38340",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38340"
                },
                {
                  "name": "26214",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26214"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5081",
        "datePublished": "2007-10-31T17:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3410 (GCVE-0-2007-3410)

    Vulnerability from cvelistv5 – Published: 2007-06-26 22:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://service.real.com/realplayer/security/10252… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/26463 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200709-05.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/24658 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/2339 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2007-08… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/26828 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/38342 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/770904 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2007-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/25859 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37374 vdb-entryx_refsource_OSVDB
    http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/3628 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25819 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018297 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/27361 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1018299 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-06-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service.real.com/realplayer/security/10252007_player/en/"
              },
              {
                "name": "oval:org.mitre.oval:def:10554",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
              },
              {
                "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
              },
              {
                "name": "26463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26463"
              },
              {
                "name": "GLSA-200709-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
              },
              {
                "name": "24658",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24658"
              },
              {
                "name": "ADV-2007-2339",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2339"
              },
              {
                "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
              },
              {
                "name": "RHSA-2007:0841",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
              },
              {
                "name": "26828",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26828"
              },
              {
                "name": "38342",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38342"
              },
              {
                "name": "VU#770904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/770904"
              },
              {
                "name": "RHSA-2007:0605",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
              },
              {
                "name": "25859",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25859"
              },
              {
                "name": "37374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37374"
              },
              {
                "name": "20071030 RealPlayer Updates of October 25, 2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
              },
              {
                "name": "ADV-2007-3628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3628"
              },
              {
                "name": "25819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25819"
              },
              {
                "name": "1018297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018297"
              },
              {
                "name": "27361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27361"
              },
              {
                "name": "1018299",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018299"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service.real.com/realplayer/security/10252007_player/en/"
            },
            {
              "name": "oval:org.mitre.oval:def:10554",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
            },
            {
              "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
            },
            {
              "name": "26463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26463"
            },
            {
              "name": "GLSA-200709-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
            },
            {
              "name": "24658",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24658"
            },
            {
              "name": "ADV-2007-2339",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2339"
            },
            {
              "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
            },
            {
              "name": "RHSA-2007:0841",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
            },
            {
              "name": "26828",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26828"
            },
            {
              "name": "38342",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38342"
            },
            {
              "name": "VU#770904",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/770904"
            },
            {
              "name": "RHSA-2007:0605",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
            },
            {
              "name": "25859",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25859"
            },
            {
              "name": "37374",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37374"
            },
            {
              "name": "20071030 RealPlayer Updates of October 25, 2007",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
            },
            {
              "name": "ADV-2007-3628",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3628"
            },
            {
              "name": "25819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25819"
            },
            {
              "name": "1018297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018297"
            },
            {
              "name": "27361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27361"
            },
            {
              "name": "1018299",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018299"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://service.real.com/realplayer/security/10252007_player/en/",
                  "refsource": "CONFIRM",
                  "url": "http://service.real.com/realplayer/security/10252007_player/en/"
                },
                {
                  "name": "oval:org.mitre.oval:def:10554",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
                },
                {
                  "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
                },
                {
                  "name": "26463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26463"
                },
                {
                  "name": "GLSA-200709-05",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
                },
                {
                  "name": "24658",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24658"
                },
                {
                  "name": "ADV-2007-2339",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2339"
                },
                {
                  "name": "realplayer-smiltime-wallclockvalue-bo(35088)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
                },
                {
                  "name": "RHSA-2007:0841",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
                },
                {
                  "name": "26828",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26828"
                },
                {
                  "name": "38342",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38342"
                },
                {
                  "name": "VU#770904",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/770904"
                },
                {
                  "name": "RHSA-2007:0605",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
                },
                {
                  "name": "25859",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25859"
                },
                {
                  "name": "37374",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37374"
                },
                {
                  "name": "20071030 RealPlayer Updates of October 25, 2007",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
                },
                {
                  "name": "ADV-2007-3628",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3628"
                },
                {
                  "name": "25819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25819"
                },
                {
                  "name": "1018297",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018297"
                },
                {
                  "name": "27361",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27361"
                },
                {
                  "name": "1018299",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018299"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3410",
        "datePublished": "2007-06-26T22:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }