Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-4257

Опубликовано: 25 янв. 2010
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 9.3

Описание

Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 93%
0.1084
Средний

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-4257

redhat
больше 17 лет назад

Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

nvd логотип

CVE-2009-4257

nvd
почти 16 лет назад

Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

github логотип

GHSA-3gv9-4xxv-89c6

github
больше 3 лет назад

Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

EPSS

Процентиль: 93%
0.1084
Средний

9.3 Critical

CVSS2