9.3
CVE-2011-0694
- EPSS 6.36%
- Veröffentlicht 21.02.2011 18:00:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Realnetworks ≫ Realplayer Version11.0
Realnetworks ≫ Realplayer Version11.1
Realnetworks ≫ Realplayer Version14.0.0
Realnetworks ≫ Realplayer Version14.0.1
Realnetworks ≫ Realplayer Sp Version1.0.0
Realnetworks ≫ Realplayer Sp Version1.0.1
Realnetworks ≫ Realplayer Sp Version1.0.2
Realnetworks ≫ Realplayer Sp Version1.0.5
Realnetworks ≫ Realplayer Sp Version1.1
Realnetworks ≫ Realplayer Sp Version1.1.1
Realnetworks ≫ Realplayer Sp Version1.1.2
Realnetworks ≫ Realplayer Sp Version1.1.3
Realnetworks ≫ Realplayer Sp Version1.1.4
Realnetworks ≫ Realplayer Sp Version1.1.5
Realnetworks ≫ Realplayer Version2.0 Editionenterprise
Realnetworks ≫ Realplayer Version2.1 Editionenterprise
Realnetworks ≫ Realplayer Version2.1.2 Editionenterprise
Realnetworks ≫ Realplayer Version2.1.3 Editionenterprise
Realnetworks ≫ Realplayer Version2.1.4 Editionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.36% | 0.9 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|