Vulnerability Name: CVE-2005-2922 (CCN-25409) Assigned: 2005-12-31 Published: 2005-12-31 Updated: 2017-10-11 Summary: Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2005-2922 RealPlayer security update HelixPlayer security update RealNetworks Products Multiple Buffer Overflow Vulnerabilities 19358 19365 RealPlayer Heap Overflow in Embedded Player May Let Remote Users Execute Arbitrary Code 1015808 RealNetworks Releases Product Updates - 03162006 RealNetworks products fail to properly handle chunked data VU#172489 SUSE-SA:2006:018 RHSA-2005:762 RHSA-2005:788 17202 RealNetworks Multiple Products Multiple Buffer Overflow Vulnerabilities http://www.service.real.com/realplayer/security/03162006_player/en/ ADV-2006-1057 RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow realnetworks-chunked-transferencoding-bo(25409) realnetworks-chunked-transferencoding-bo(25409) RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap Overflow Vulnerability oval:org.mitre.oval:def:11444 RealPlayer security problems Vulnerable Configuration: Configuration 1 :cpe:/a:realnetworks:helix_player:10.0:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.1:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.2:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.3:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.4:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.5:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:helix_player:10.0.6:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realone_player:*:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realone_player:0.288:*:mac_os_x:*:*:*:*:* OR cpe:/a:realnetworks:realone_player:0.297:*:mac_os_x:*:*:*:*:* OR cpe:/a:realnetworks:realone_player:1.0:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realone_player:2.0:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.0.305:*:mac_os:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.0.331:*:mac_os:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.1:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.2:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.3:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.4:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.5:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.0.6:*:linux:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:* OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:* OR cpe:/a:realnetworks:rhapsody:3.0:*:*:*:*:*:*:* OR cpe:/a:realnetworks:rhapsody:3.0_build_0.815:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Oval Definitions Definition ID Class Title Last Modified oval:org.opensuse.security:def:20052922 V CVE-2005-2922 2015-11-16 oval:org.mitre.oval:def:11444 V Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. 2013-04-29 oval:com.redhat.rhsa:def:20050788 P RHSA-2005:788: HelixPlayer security update (Critical) 2005-09-27
BACK
realnetworks helix player 10.0
realnetworks helix player 10.0.1
realnetworks helix player 10.0.2
realnetworks helix player 10.0.3
realnetworks helix player 10.0.4
realnetworks helix player 10.0.5
realnetworks helix player 10.0.6
realnetworks realone player *
realnetworks realone player 0.288
realnetworks realone player 0.297
realnetworks realone player 1.0
realnetworks realone player 2.0
realnetworks realplayer *
realnetworks realplayer 8.0
realnetworks realplayer 10.0
realnetworks realplayer 10.0.0.305
realnetworks realplayer 10.0.0.331
realnetworks realplayer 10.0.1
realnetworks realplayer 10.0.2
realnetworks realplayer 10.0.3
realnetworks realplayer 10.0.4
realnetworks realplayer 10.0.5
realnetworks realplayer 10.0.6
realnetworks realplayer 10.5
realnetworks realplayer 10.5_6.0.12.1040
realnetworks realplayer 10.5_6.0.12.1053
realnetworks realplayer 10.5_6.0.12.1056
realnetworks realplayer 10.5_6.0.12.1059
realnetworks realplayer 10.5_6.0.12.1069
realnetworks realplayer 10.5_6.0.12.1235
realnetworks rhapsody 3.0
realnetworks rhapsody 3.0_build_0.815
Denotes that component is vulnerable