CVE-2010-0120

critical

Description

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6807

https://exchange.xforce.ibmcloud.com/vulnerabilities/61422

http://www.vupen.com/english/advisories/2010/2216

http://www.securitytracker.com/id?1024370

http://service.real.com/realplayer/security/08262010_player/en/

http://secunia.com/secunia_research/2010-8/

http://secunia.com/advisories/41154

http://secunia.com/advisories/41096

Details

Source: Mitre, NVD

Published: 2010-08-30

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics