Описание
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04977
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 20 лет назад
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 1 ...
github
больше 3 лет назад
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
EPSS
Процентиль: 89%
0.04977
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other