CVE-2010-0116

EPSS 15.56%
Published 30.08.2010 20:00:01
Last modified 11.04.2025 00:51:21
Source PSIRT-CNA@flexerasoftware.com
Teams watchlist Login
Open Login

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Realnetworks ≫ Realplayer Version11.0

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Version11.1

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.0.0

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.0.1

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.0.2

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.0.5

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.1

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.1.1

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.1.2

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.1.3

Microsoft ≫ Windows

Realnetworks ≫ Realplayer Sp Version1.1.4

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	15.56%	0.941

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/41096

http://secunia.com/advisories/41154

http://secunia.com/secunia_research/2010-3/

Vendor Advisory

http://service.real.com/realplayer/security/08262010_player/en/

Vendor Advisory

http://www.securitytracker.com/id?1024370

http://www.vupen.com/english/advisories/2010/2216

https://exchange.xforce.ibmcloud.com/vulnerabilities/61420

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7326

https://nvd.nist.gov/vuln/detail/CVE-2010-0116

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0116

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0116

EUVD