Vulnerability Name:

CVE-2007-2263 (CCN-37436)

Assigned:2007-10-25
Published:2007-10-25
Updated:2018-10-16
Summary:Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-2263

Source: OSVDB
Type: UNKNOWN
38344

Source: CCN
Type: RHSA-2007-0841
Critical: RealPlayer security update

Source: CCN
Type: SA27361
RealPlayer/RealOne/HelixPlayer Multiple Buffer Overflows

Source: SECUNIA
Type: Patch, Vendor Advisory
27361

Source: CCN
Type: SECTRACK ID: 1018866
RealPlayer Buffer Overflows in Processing MP3, RM, SWF, RAM, and PLS Files Lets Remote Users Execute Arbitrary Code

Source: CONFIRM
Type: Patch
http://service.real.com/realplayer/security/10252007_player/en/

Source: VIM
Type: UNKNOWN
20071030 RealPlayer Updates of October 25, 2007

Source: CCN
Type: OSVDB ID: 38344
RealPlayer SWF File Handling Overflow

Source: BUGTRAQ
Type: UNKNOWN
20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability

Source: BID
Type: Patch
26214

Source: CCN
Type: BID-26214
RealNetworks RealPlayer File Parsing Routines Multiple Vulnerabilities

Source: BID
Type: UNKNOWN
26284

Source: CCN
Type: BID-26284
RealNetworks RealPlayer SWF File Processing Remote Code Execution Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018866

Source: CCN
Type: RealNetworks Customer Support - Real Security Updates Web page
RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.

Source: VUPEN
Type: Vendor Advisory
ADV-2007-3628

Source: MISC
Type: UNKNOWN
http://www.zerodayinitiative.com/advisories/ZDI-07-061.html

Source: XF
Type: UNKNOWN
realplayer-swf-bo(37436)

Source: XF
Type: UNKNOWN
realplayer-swf-bo(37436)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11432

Source: CCN
Type: ZDI-07-061
RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:realnetworks:realone_player:*:*:mac:en:*:*:*:*
  • OR cpe:/a:realnetworks:realone_player:2.0:*:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:*:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.0.305:mac:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.0.331:mac:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.0.352:mac:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.5:linux:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.6:linux:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.7:linux:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.8:linux:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:10.0.9:linux:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.1:10.0.0.396:mac:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.1:10.0.0.412:mac:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5:6.0.12.1040:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5:6.0.12.1578:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5:6.0.12.1698:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5:6.0.12.1741:windows:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer_enterprise:*:*:windows:en:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:11432
    V
    		Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
    2010-09-06
    BACK
    realnetworks realone player *
    realnetworks realone player 2.0
    realnetworks realplayer 10.0
    realnetworks realplayer 10.0 10.0.0.305
    realnetworks realplayer 10.0 10.0.0.331
    realnetworks realplayer 10.0 10.0.0.352
    realnetworks realplayer 10.0 10.0.5
    realnetworks realplayer 10.0 10.0.6
    realnetworks realplayer 10.0 10.0.7
    realnetworks realplayer 10.0 10.0.8
    realnetworks realplayer 10.0 10.0.9
    realnetworks realplayer 10.1 10.0.0.396
    realnetworks realplayer 10.1 10.0.0.412
    realnetworks realplayer 10.5 6.0.12.1040
    realnetworks realplayer 10.5 6.0.12.1578
    realnetworks realplayer 10.5 6.0.12.1698
    realnetworks realplayer 10.5 6.0.12.1741
    realnetworks realplayer enterprise *