| Vulnerability Name: | CVE-2005-3677 (CCN-23869) | ||||||||
| Assigned: | 2005-11-11 | ||||||||
| Published: | 2005-11-11 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. Note: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-3677 Source: BUGTRAQ Type: UNKNOWN 20051111 High Risk Flaw in RealPlayer Source: CCN Type: BugTraq Mailing List, 2005-11-11 16:44:42 High Risk Flaw in RealPlayer Source: CCN Type: SA17514 RealPlayer/RealOne/HelixPlayer "rm" and "rjs" File Handling Buffer Overflow Source: SECUNIA Type: Vendor Advisory 17514 Source: CCN Type: RealPlayer Customer Support Web page RealNetworks, Inc. Releases Update to Address Security Vulnerabilities Source: CONFIRM Type: UNKNOWN http://service.real.com/help/faq/security/051110_player/EN/ Source: CCN Type: BID-15398 RealNetworks RealPlayer Unspecified Malformed Image Skin File Buffer Overflow Vulnerability Source: BID Type: UNKNOWN 15398 Source: XF Type: UNKNOWN realplayer-rjs-image-bo(23869) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||