PT-2010-5459 · Realnetworks+1 · Realplayer Enterprise+5

Published

2010-12-14

·

Updated

2011-01-26

·

CVE-2010-4382

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions RealPlayer versions 11.0 through 11.1 RealPlayer SP versions 1.0 through 1.1.4 RealPlayer Enterprise version 2.1.2 Linux RealPlayer version 11.0.2.1744 HelixPlayer version 1.0.6
Description The issue is related to multiple heap-based buffer overflows that can be triggered by a crafted RealMedia file, allowing remote attackers to have an unspecified impact.
Recommendations For RealPlayer versions 11.0 through 11.1, update to a version that is not affected by this issue. For RealPlayer SP versions 1.0 through 1.1.4, update to a version that is not affected by this issue. For RealPlayer Enterprise version 2.1.2, update to a version that is not affected by this issue. For Linux RealPlayer version 11.0.2.1744, update to a version that is not affected by this issue. For HelixPlayer version 1.0.6, update to a version that is not affected by this issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-4382
RHSA-2010:0981
RHSA-2010_0981

Affected Products

Helix Player
Linux Realplayer
Realplayer
Realplayer Enterprise
Realplayer Sp
Red Hat