CVE-2005-2710

EPSS 53.63%
Veröffentlicht 27.09.2005 20:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Realnetworks ≫ Helix Player

Realnetworks ≫ Realplayer Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	53.63%	0.979

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/16981

http://www.debian.org/security/2005/dsa-826

Vendor Advisory

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078

Vendor Advisory

http://marc.info/?l=bugtraq&m=112785544325326&w=2

http://marc.info/?l=full-disclosure&m=112775929608219&w=2

http://secunia.com/advisories/16954

http://secunia.com/advisories/16961

http://secunia.com/advisories/17116

http://secunia.com/advisories/17127

http://securityreason.com/securityalert/27

http://securityreason.com/securityalert/41

http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml

http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities

Vendor Advisory

http://www.kb.cert.org/vuls/id/361181

Third Party Advisory

US Government Resource

http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html

http://www.open-security.org/advisories/13

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-762.html

http://www.redhat.com/support/errata/RHSA-2005-788.html

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015

https://nvd.nist.gov/vuln/detail/CVE-2005-2710

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2710

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2710

EUVD