PT-2010-1933 · Realnetworks · Realplayer+1

Publicado

2010-08-30

Atualizado

2017-09-19

CVE-2010-0117

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions RealPlayer versions 11.0 through 11.1 RealPlayer SP versions 1.0 through 1.1.4

Description The issue arises from improper handling of dimensions during YUV420 transformations, potentially allowing remote attackers to execute arbitrary code via crafted MP4 content.

Recommendations For RealPlayer versions 11.0 through 11.1, update to a version that properly handles YUV420 transformations to prevent potential code execution. For RealPlayer SP versions 1.0 through 1.1.4, update to a version that correctly processes dimensions during YUV420 transformations to mitigate the risk of arbitrary code execution.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2010-0117

Produtos afetados

Realplayer

Realplayer Sp

PT-2010-1933 · Realnetworks · Realplayer+1

CVE-2010-0117

Identificadores relacionados

Produtos afetados

Referências · 11