5.1

CVE-2005-2629

Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RealnetworksHelix Player Version1.0 Editionlinux
RealnetworksHelix Player Version1.0.1 Editionlinux
RealnetworksHelix Player Version1.0.2 Editionlinux
RealnetworksHelix Player Version1.0.3 Editionlinux
RealnetworksHelix Player Version1.0.4 Editionlinux
RealnetworksHelix Player Version1.0.5 Editionlinux
RealnetworksRealone Player Version1.0
RealnetworksRealone Player Version2.0
RealnetworksRealplayer Editionenterprise
RealnetworksRealplayer Version8.0 Editionwin32
RealnetworksRealplayer Version10.0
RealnetworksRealplayer Version10.0 Editionlinux
RealnetworksRealplayer Version10.0 Editionmac_os_x
RealnetworksRealplayer Version10.5
RealnetworksRealplayer Version10.5_6.0.12.1040
RealnetworksRealplayer Version10.5_6.0.12.1053
RealnetworksRealplayer Version10.5_6.0.12.1056
RealnetworksRealplayer Version10.5_6.0.12.1059
RealnetworksRealplayer Version10.5_6.0.12.1069
RealnetworksRealplayer Version10.5_6.0.12.1235
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.82% 0.958
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/17559
http://marc.info/?l=bugtraq&m=113166476423021&w=2
http://secunia.com/advisories/17514/
Patch
Vendor Advisory
http://secunia.com/advisories/17860
Patch
Vendor Advisory
http://securityreason.com/securityalert/169
http://securitytracker.com/id?1015184
http://securitytracker.com/id?1015185
http://securitytracker.com/id?1015186
http://service.real.com/help/faq/security/051110_player/EN/
Patch
http://www.debian.org/security/2005/dsa-915
Patch
Vendor Advisory
http://www.eeye.com/html/research/advisories/AD20051110a.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/15381/
https://exchange.xforce.ibmcloud.com/vulnerabilities/23024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9550