CVE-2005-0755 : Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.

Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.

Published 2005-04-19 04:00:00

Updated 2025-04-03 01:03:51

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2005-0755

Realnetworks » Realplayer » Version: 8.0
cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0 6.0.12.690
cpe:2.3:a:realnetworks:realplayer:10.0_6.0.12.690:*:*:*:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0 Update Beta
cpe:2.3:a:realnetworks:realplayer:10.0:beta:*:*:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 8.0 For Mac Os X
cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:mac_os_x:*:*
Matching versions
Realnetworks » Realplayer » Version: 8.0 For Unix
cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:unix:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0 Language EN
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:en:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0 Language DE
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:de:*:*:*:*
Matching versions
Realnetworks » Realplayer » Version: 10.0 Language JA
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:ja:*:*:*:*
Matching versions
Realnetworks » Realone Player » Version: 2.0
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
Matching versions
Realnetworks » Realone Player » Version: 1.0
cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
Matching versions
Realnetworks » Helix Player
Versions up to, including, (<=) 10.0.3
cpe:2.3:a:realnetworks:helix_player:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-0755

EPSS FAQ

8.42%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 92 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-0755

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P	4.9	6.4	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-0755

http://service.real.com/help/faq/security/050419_player/EN/

Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-363.html

Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-392.html

Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00040.html

Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11205

Third Party Advisory
http://pb.specialised.info/all/adv/real-ram-adv.txt

Third Party Advisory
http://marc.info/?l=bugtraq&m=111401615202987&w=2

Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-394.html

Third Party Advisory

Jump to

Vulnerability Details : CVE-2005-0755

Products affected by CVE-2005-0755

Exploit prediction scoring system (EPSS) score for CVE-2005-0755

CVSS scores for CVE-2005-0755

References for CVE-2005-0755