Описание
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.
Ссылки
- Vendor Advisory
- US Government Resource
- PatchVendor Advisory
- Vendor Advisory
- US Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:realnetworks:realjukebox_2:1.0.2.340:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realjukebox_2:1.0.2.379:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realjukebox_2_plus:1.0.2.340:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realjukebox_2_plus:1.0.2.379:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17024
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.
EPSS
Процентиль: 95%
0.17024
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other