CVE-2010-4389

RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1.5 - Remote Code Execution via Cook Codec Heap Overflow

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/69849
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024861
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-279

Scores

EPSS 0.0690
EPSS Percentile 91.5%

Details

CWE
CWE-119
Status published
Products (18)
realnetworks/realplayer 11.0
realnetworks/realplayer 11.0.1
realnetworks/realplayer 11.0.2
realnetworks/realplayer 11.0.3
realnetworks/realplayer 11.0.4
realnetworks/realplayer 11.0.5
realnetworks/realplayer 11.1
realnetworks/realplayer 11.0.2.1744
realnetworks/realplayer_sp 1.0.0
realnetworks/realplayer_sp 1.0.1
... and 8 more
Published Dec 14, 2010
Tracked Since Feb 18, 2026