Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-4245

Опубликовано: 25 янв. 2010
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.

Комментарий

Specific affected release information can be found from RealNetworks at:

http://service.real.com/realplayer/security/01192010_player/en/

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.1:*:linux:*:*:*:*:*

EPSS

Процентиль: 91%
0.07358
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2009-4245

ubuntu
почти 16 лет назад

Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.

redhat логотип

CVE-2009-4245

redhat
больше 17 лет назад

Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.

github логотип

GHSA-89x4-gm7p-7fr8

github
больше 3 лет назад

Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.

EPSS

Процентиль: 91%
0.07358
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119