CVE-2007-2264
Published Oct 31, 2007
Last updated 6 years ago
Overview
- Description
- Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatThis issue was fixed in RealPlayer for Red Hat Enterprise Linux 3 Extras, 4 Extras, 5 Supplementary by RHSA-2007:0841 on 17th August 2007: http://rhn.redhat.com/errata/RHSA-2007-0841.html)on (Our original advisory did not mention this issue was fixed as the details of the issue were not made public by RealNetworks until 25th October 2007)
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:realnetworks:realone_player:*:*:mac:en:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E42CFE29-8AF0-4FAE-88FD-4E2D373FE16D" }, { "criteria": "cpe:2.3:a:realnetworks:realone_player:1.0:*:windows:en:*:*:*:*", "vulnerable": true, "matchCriteriaId": "880F633E-3833-4E07-91AE-F11E77DC3AF4" }, { "criteria": "cpe:2.3:a:realnetworks:realone_player:2.0:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72F332E7-13EA-447D-8116-7CD404120040" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E6051B4-1B15-44C0-B2CD-5504E68C60F2" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15FABF57-B77B-49FF-BEAF-1E0D6BD4B66F" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.305:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "995983E3-6968-4071-A3E7-BC84800894C9" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.331:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D5A55EF-BFC7-4703-B115-910DC8338733" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.352:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4FE917E-31A3-4065-B723-FACECEB1BEB8" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.5:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28F3DFCA-C0E8-43FC-B313-7E21978AE481" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.6:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A874D31-8FDB-456C-ABF8-94F812DD1B67" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.7:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB81B184-CD30-42DD-8BA6-BED303BF6377" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.8:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F62E12E0-D806-40F4-8779-18679572AD04" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:10.0.9:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5567F40F-B04C-4866-A7B2-C796AAA0CE86" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0._481:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1311A415-4CBB-44BA-A014-FCC2BBFF6D28" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.396:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E4F874-E9A5-40F1-82CF-5C2E4749DF6C" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.412:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC0DDE6-356C-4EE7-83E1-7EF5A0C5A751" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:6.0.12.1040:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB3CC6D6-334F-4F9C-8A5C-7EC3DCACEC50" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:6.0.12.1578:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "414712E9-6901-4D33-B970-36CC238D4257" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:6.0.12.1698:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35AAD3FF-B70E-46CB-A3C1-34B2412EE6EC" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:6.0.12.1741:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA78969A-CBAE-4B67-96E7-F7EC9FD78E38" }, { "criteria": "cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:windows:en:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9BA3DF0-9785-4F70-A9A3-38F657B52AA7" } ], "operator": "OR" } ] } ]