CVE-2007-2263: Buffer Overflow
First published: Wed Oct 31 2007(Updated: )
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RealNetworks RealPlayer | ||
| RealNetworks RealPlayer | =2.0 | |
| RealPlayer | =10.0 | |
| RealPlayer | =10.0-10.0.0.305 | |
| RealPlayer | =10.0-10.0.0.331 | |
| RealPlayer | =10.0-10.0.0.352 | |
| RealPlayer | =10.0-10.0.5 | |
| RealPlayer | =10.0-10.0.6 | |
| RealPlayer | =10.0-10.0.7 | |
| RealPlayer | =10.0-10.0.8 | |
| RealPlayer | =10.0-10.0.9 | |
| RealPlayer | =10.1-10.0.0.396 | |
| RealPlayer | =10.1-10.0.0.412 | |
| RealPlayer | =10.5-6.0.12.1040 | |
| RealPlayer | =10.5-6.0.12.1578 | |
| RealPlayer | =10.5-6.0.12.1698 | |
| RealPlayer | =10.5-6.0.12.1741 | |
| RealPlayer |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/38344
- http://secunia.com/advisories/27361
- http://service.real.com/realplayer/security/10252007_player/en/
- http://www.attrition.org/pipermail/vim/2007-October/001841.html
- http://www.securityfocus.com/archive/1/483110/100/0/threaded
- http://www.securityfocus.com/bid/26214
- http://www.securityfocus.com/bid/26284
- http://www.securitytracker.com/id?1018866
- http://www.vupen.com/english/advisories/2007/3628
- http://www.zerodayinitiative.com/advisories/ZDI-07-061.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37436
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- vendor/realnetworks
- canonical/realnetworks realplayer
- version/realnetworks realplayer/2.0
- canonical/realplayer
- version/realplayer/10.0
- version/realplayer/10.0-10.0.0.305
- version/realplayer/10.0-10.0.0.331
- version/realplayer/10.0-10.0.0.352
- version/realplayer/10.0-10.0.5
- version/realplayer/10.0-10.0.6
- version/realplayer/10.0-10.0.7
- version/realplayer/10.0-10.0.8
- version/realplayer/10.0-10.0.9
- version/realplayer/10.1-10.0.0.396
- version/realplayer/10.1-10.0.0.412
- version/realplayer/10.5-6.0.12.1040
- version/realplayer/10.5-6.0.12.1578
- version/realplayer/10.5-6.0.12.1698
- version/realplayer/10.5-6.0.12.1741