PT-2010-1333 · Realnetworks · Realplayer+1
Published
2010-01-25
·
Updated
2017-08-17
·
CVE-2009-4243
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
RealPlayer versions 10, 10.5 6.0.12.1040 through 6.0.12.1741
RealPlayer version 11 11.0.0 through 11.0.4
RealPlayer Enterprise
Mac RealPlayer versions 10 and 10.1
Linux RealPlayer version 10
Helix Player versions 10.x
Description
The issue allows remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."
Recommendations
For RealPlayer versions 10, 10.5 6.0.12.1040 through 6.0.12.1741, update to a version outside of the affected range.
For RealPlayer version 11 11.0.0 through 11.0.4, update to a version outside of the affected range.
For RealPlayer Enterprise, update to a version that is not affected by the issue.
For Mac RealPlayer versions 10 and 10.1, update to a version outside of the affected range.
For Linux RealPlayer version 10, update to a version that is not affected by the issue.
For Helix Player versions 10.x, update to a version outside of the affected range.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Helix Player
Realplayer