9.3

CVE-2007-5080

Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RealnetworksRealone Player Version1.0 Editionwindows Langen
RealnetworksRealone Player Version2.0 Editionwindows
RealnetworksRealplayer Version10.0 Editionwindows
RealnetworksRealplayer Version10.5 Update6.0.12.1040 Editionwindows
RealnetworksRealplayer Version10.5 Update6.0.12.1578 Editionwindows
RealnetworksRealplayer Version10.5 Update6.0.12.1698 Editionwindows
RealnetworksRealplayer Version10.5 Update6.0.12.1741 Editionwindows
RealnetworksRealplayer Enterprise Editionwindows Langen
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 35.05% 0.969
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C