CVE-2010-3749

critical

Description

The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."

References

http://www.zerodayinitiative.com/advisories/ZDI-10-211/

http://www.securityfocus.com/bid/44443

http://www.securityfocus.com/bid/44144

http://www.exploit-db.com/exploits/15991

http://service.real.com/realplayer/security/10152010_player/en/

Details

Source: Mitre, NVD

Published: 2010-10-19

Updated: 2011-01-26

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical