Vulnerability Details CVE-2004-0258
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.224
EPSS Ranking 95.5%
CVSS Severity
CVSS v2 Score 7.6
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html
- http://marc.info/?l=bugtraq&m=107608748813559&w=2
- http://www.ciac.org/ciac/bulletins/o-075.shtml
- http://www.kb.cert.org/vuls/id/473814
- http://www.nextgenss.com/advisories/realone.txt
- http://www.securityfocus.com/bid/9579
- http://www.service.real.com/help/faq/security/040123_player/EN/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15040
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html
- http://marc.info/?l=bugtraq&m=107608748813559&w=2
- http://www.ciac.org/ciac/bulletins/o-075.shtml
- http://www.kb.cert.org/vuls/id/473814
- http://www.nextgenss.com/advisories/realone.txt
- http://www.securityfocus.com/bid/9579
- http://www.service.real.com/help/faq/security/040123_player/EN/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15040
Products affected by CVE-2004-0258
-
cpe:2.3:a:realnetworks:realone_desktop_manager:*
-
cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774
-
cpe:2.3:a:realnetworks:realone_player:1.0
-
cpe:2.3:a:realnetworks:realone_player:2.0
-
cpe:2.3:a:realnetworks:realone_player:6.0.11.818
-
cpe:2.3:a:realnetworks:realone_player:6.0.11.830
-
cpe:2.3:a:realnetworks:realone_player:6.0.11.841
-
cpe:2.3:a:realnetworks:realone_player:6.0.11.853
-
cpe:2.3:a:realnetworks:realone_player:6.0.11.868
-
cpe:2.3:a:realnetworks:realplayer:10.0_beta
-
cpe:2.3:a:realnetworks:realplayer:8.0