CVE-2007-2263: Buffer Overflow
First published: Wed Oct 31 2007(Updated: )
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Realnetworks Realone Player | ||
| Realnetworks Realone Player | =2.0 | |
| Realnetworks Realplayer | =10.0 | |
| Realnetworks Realplayer | =10.0-10.0.0.305 | |
| Realnetworks Realplayer | =10.0-10.0.0.331 | |
| Realnetworks Realplayer | =10.0-10.0.0.352 | |
| Realnetworks Realplayer | =10.0-10.0.5 | |
| Realnetworks Realplayer | =10.0-10.0.6 | |
| Realnetworks Realplayer | =10.0-10.0.7 | |
| Realnetworks Realplayer | =10.0-10.0.8 | |
| Realnetworks Realplayer | =10.0-10.0.9 | |
| Realnetworks Realplayer | =10.1-10.0.0.396 | |
| Realnetworks Realplayer | =10.1-10.0.0.412 | |
| Realnetworks Realplayer | =10.5-6.0.12.1040 | |
| Realnetworks Realplayer | =10.5-6.0.12.1578 | |
| Realnetworks Realplayer | =10.5-6.0.12.1698 | |
| Realnetworks Realplayer | =10.5-6.0.12.1741 | |
| Realnetworks Realplayer Enterprise |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/38344
- http://secunia.com/advisories/27361
- http://service.real.com/realplayer/security/10252007_player/en/
- http://www.attrition.org/pipermail/vim/2007-October/001841.html
- http://www.securityfocus.com/archive/1/483110/100/0/threaded
- http://www.securityfocus.com/bid/26214
- http://www.securityfocus.com/bid/26284
- http://www.securitytracker.com/id?1018866
- http://www.vupen.com/english/advisories/2007/3628
- http://www.zerodayinitiative.com/advisories/ZDI-07-061.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37436
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432
- collector/nvd-index
- collector/nvd-historical
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/realnetworks
- canonical/realnetworks realone player
- version/realnetworks realone player/2.0
- canonical/realnetworks realplayer
- version/realnetworks realplayer/10.0
- version/realnetworks realplayer/10.0-10.0.0.305
- version/realnetworks realplayer/10.0-10.0.0.331
- version/realnetworks realplayer/10.0-10.0.0.352
- version/realnetworks realplayer/10.0-10.0.5
- version/realnetworks realplayer/10.0-10.0.6
- version/realnetworks realplayer/10.0-10.0.7
- version/realnetworks realplayer/10.0-10.0.8
- version/realnetworks realplayer/10.0-10.0.9
- version/realnetworks realplayer/10.1-10.0.0.396
- version/realnetworks realplayer/10.1-10.0.0.412
- version/realnetworks realplayer/10.5-6.0.12.1040
- version/realnetworks realplayer/10.5-6.0.12.1578
- version/realnetworks realplayer/10.5-6.0.12.1698
- version/realnetworks realplayer/10.5-6.0.12.1741
- canonical/realnetworks realplayer enterprise