CVE-2010-2999: Integer Overflow
First published: Tue Dec 14 2010(Updated: )
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Realnetworks Realplayer | =11.0 | |
| Realnetworks Realplayer | =11.0.4 | |
| Realnetworks Realplayer | =11.0.2 | |
| Realnetworks Realplayer | =11.0.3 | |
| Realnetworks Realplayer | =11.0.5 | |
| Realnetworks Realplayer | =11.1 | |
| Realnetworks Realplayer | =11.0.1 | |
| Realnetworks Realplayer Sp | =1.0.1 | |
| Realnetworks Realplayer Sp | =1.0.0 | |
| Apple Mac OS X | ||
| Realnetworks Realplayer | =11.0.2.1744 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/realnetworks
- canonical/realnetworks realplayer
- version/realnetworks realplayer/11.0
- version/realnetworks realplayer/11.0.4
- version/realnetworks realplayer/11.0.2
- version/realnetworks realplayer/11.0.3
- version/realnetworks realplayer/11.0.5
- version/realnetworks realplayer/11.1
- version/realnetworks realplayer/11.0.1
- canonical/realnetworks realplayer sp
- version/realnetworks realplayer sp/1.0.1
- version/realnetworks realplayer sp/1.0.0
- vendor/apple
- canonical/apple mac os x
- version/realnetworks realplayer/11.0.2.1744
- vendor/linux
- canonical/linux linux kernel