CVE-2003-0141

Опубликовано: 02 апр. 2003

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html
http://marc.info/?l=bugtraq&m=104887465427579&w=2
http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/705761
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/7177
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html
http://marc.info/?l=bugtraq&m=104887465427579&w=2
http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/705761
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/7177
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:9.0.0.288:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realone_player:9.0.0.297:*:*:*:*:*:*:*

cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00241

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9pq5-6mmc-rqh3

github

больше 3 лет назад