CVE-2010-3748: Buffer Overflow
First published: Mon Oct 18 2010(Updated: )
Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RealPlayer | =11.0 | |
| RealPlayer | =11.0.1 | |
| RealPlayer | =11.0.2 | |
| RealPlayer | =11.0.3 | |
| RealPlayer | =11.0.4 | |
| RealPlayer | =11.0.5 | |
| RealPlayer | =11.1 | |
| RealNetworks RealPlayer SP | =1.0.0 | |
| RealNetworks RealPlayer SP | =1.0.1 | |
| RealNetworks RealPlayer SP | =1.0.2 | |
| RealNetworks RealPlayer SP | =1.0.5 | |
| RealNetworks RealPlayer SP | =1.1 | |
| RealNetworks RealPlayer SP | =1.1.1 | |
| RealNetworks RealPlayer SP | =1.1.2 | |
| RealNetworks RealPlayer SP | =1.1.3 | |
| RealNetworks RealPlayer SP | =1.1.4 | |
| RealPlayer | =2.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-3748?
CVE-2010-3748 is classified as a medium severity vulnerability due to the potential for remote exploitation.
How do I fix CVE-2010-3748?
The recommended fix for CVE-2010-3748 is to update RealPlayer to the latest version provided by RealNetworks.
What are the affected versions of RealPlayer for CVE-2010-3748?
CVE-2010-3748 affects RealPlayer versions 11.0 through 11.1 and RealPlayer SP versions 1.0 through 1.1.4, among others.
Can CVE-2010-3748 be exploited remotely?
Yes, CVE-2010-3748 can be exploited remotely, allowing attackers to potentially execute arbitrary code.
Is CVE-2010-3748 present in RealPlayer Enterprise?
Yes, CVE-2010-3748 affects RealPlayer Enterprise version 2.1.2.
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/realnetworks
- canonical/realplayer
- version/realplayer/11.0
- version/realplayer/11.0.1
- version/realplayer/11.0.2
- version/realplayer/11.0.3
- version/realplayer/11.0.4
- version/realplayer/11.0.5
- version/realplayer/11.1
- canonical/realnetworks realplayer sp
- version/realnetworks realplayer sp/1.0.0
- version/realnetworks realplayer sp/1.0.1
- version/realnetworks realplayer sp/1.0.2
- version/realnetworks realplayer sp/1.0.5
- version/realnetworks realplayer sp/1.1
- version/realnetworks realplayer sp/1.1.1
- version/realnetworks realplayer sp/1.1.2
- version/realnetworks realplayer sp/1.1.3
- version/realnetworks realplayer sp/1.1.4
- version/realplayer/2.1.2