Vulnerability CVE-2004-0258
Published: 2004-11-23   Modified: 2012-02-12

Description:
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files.

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Realnetworks -> Realone desktop manager 
Realnetworks -> Realone enterprise desktop 
Realnetworks -> Realone player 
Realnetworks -> Realplayer 

 References:
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html
http://marc.info/?l=bugtraq&m=107608748813559&w=2
http://www.ciac.org/ciac/bulletins/o-075.shtml
http://www.kb.cert.org/vuls/id/473814
http://www.nextgenss.com/advisories/realone.txt
http://www.securityfocus.com/bid/9579
http://www.service.real.com/help/faq/security/040123_player/EN/
http://xforce.iss.net/xforce/xfdb/15040
Copyright 2024, cxsecurity.com

 

Back to Top