CVE Vulnerabilities

CVE-2004-1481

Published: Dec 31, 2004 | Modified: Aug 11, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Helix_player Realnetworks 1.0 1.0
Realone_player Realnetworks 1.0 1.0
Realone_player Realnetworks 2.0 2.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.5 10.5
Realplayer Realnetworks 10.5_6.0.12.1016 10.5_6.0.12.1016
Realplayer Realnetworks 8.0 8.0
Realplayer Realnetworks 8.0 8.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 8.0 8.0
Realplayer Realnetworks 10.0_6.0.12.690 10.0_6.0.12.690
Realplayer Realnetworks 10.5_6.0.12.1040 10.5_6.0.12.1040
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks - -
Realone_player Realnetworks 9.0.0.297 9.0.0.297
Realone_player Realnetworks 9.0.0.288 9.0.0.288

References