Realnetworks : Security Vulnerabilities, CVEs, Published In October 2010 (Overflow)

CVE-2010-3751

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.
Max CVSS
9.3
EPSS Score
0.85%
Published
2010-10-19
Updated
2010-10-19

CVE-2010-3748

Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.33%
Published
2010-10-19
Updated
2010-10-19

CVE-2010-3747

Public exploit
An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.
Max CVSS
9.3
EPSS Score
95.60%
Published
2010-10-19
Updated
2011-09-22

CVE-2010-2578

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.
Max CVSS
9.3
EPSS Score
0.09%
Published
2010-10-19
Updated
2010-10-19
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close