PT-2010-1933 · Realnetworks · Realplayer+1

Published

2010-08-30

Updated

2017-09-19

CVE-2010-0117

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions RealPlayer versions 11.0 through 11.1 RealPlayer SP versions 1.0 through 1.1.4

Description The issue arises from improper handling of dimensions during YUV420 transformations, potentially allowing remote attackers to execute arbitrary code via crafted MP4 content.

Recommendations For RealPlayer versions 11.0 through 11.1, update to a version that properly handles YUV420 transformations to prevent potential code execution. For RealPlayer SP versions 1.0 through 1.1.4, update to a version that correctly processes dimensions during YUV420 transformations to mitigate the risk of arbitrary code execution.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-0117

Affected Products

Realplayer

Realplayer Sp

PT-2010-1933 · Realnetworks · Realplayer+1

CVE-2010-0117

Related Identifiers

Affected Products

References · 11