Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-0926

Опубликовано: 08 фев. 2012
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.1.609:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.1.633:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.6:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.7:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2.1744:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2.2315:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.1.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11_build_6.0.14.748:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:realnetworks:realplayer:15.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:15.0.1.13:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 86%
0.0277
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

github логотип

GHSA-wvmc-gwmp-fjx6

github
больше 3 лет назад

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream.

EPSS

Процентиль: 86%
0.0277
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-94