CVE-2007-2263

critical

Description

Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432

https://exchange.xforce.ibmcloud.com/vulnerabilities/37436

http://www.zerodayinitiative.com/advisories/ZDI-07-061.html

http://www.vupen.com/english/advisories/2007/3628

http://www.securitytracker.com/id?1018866

http://www.securityfocus.com/bid/26284

http://www.securityfocus.com/bid/26214

http://www.securityfocus.com/archive/1/483110/100/0/threaded

http://www.attrition.org/pipermail/vim/2007-October/001841.html

http://service.real.com/realplayer/security/10252007_player/en/

http://secunia.com/advisories/27361

http://osvdb.org/38344

Details

Source: Mitre, NVD

Published: 2007-10-31

Updated: 2018-10-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics