CVE-2005-2710

EPSS 53.63%
Published 27.09.2005 20:03:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

Affected products Warnungen 0 Metrics 2 CWE 0 References 22

Data is provided by the National Vulnerability Database (NVD)

Realnetworks ≫ Helix Player

Realnetworks ≫ Realplayer Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	53.63%	0.979

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/16981

http://www.debian.org/security/2005/dsa-826

Vendor Advisory

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078

Vendor Advisory

http://marc.info/?l=bugtraq&m=112785544325326&w=2

http://marc.info/?l=full-disclosure&m=112775929608219&w=2

http://secunia.com/advisories/16954

http://secunia.com/advisories/16961

http://secunia.com/advisories/17116

http://secunia.com/advisories/17127

http://securityreason.com/securityalert/27

http://securityreason.com/securityalert/41

http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml

http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities

Vendor Advisory

http://www.kb.cert.org/vuls/id/361181

Third Party Advisory

US Government Resource

http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html

http://www.open-security.org/advisories/13

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-762.html

http://www.redhat.com/support/errata/RHSA-2005-788.html

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015

https://nvd.nist.gov/vuln/detail/CVE-2005-2710

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2710

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2710

EUVD