Vulnerability Name: CVE-2007-5601 (CCN-37280)
Assigned: 2007-10-18
Published: 2007-10-18
Updated: 2017-07-29
Summary: Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
7.7 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:
Source: CCN Type: Full-Disclosure Mailing List, Mon Nov 26 2007 - 14:15:25 CST UPDATED: RealNetworks RealPlayer ierpplug.dll ActiveX Control Multiple Stack Overflows
Source: MITRE Type: CNA CVE-2007-5601
Source: CCN Type: SA27248 RealPlayer Playlist Handling Buffer Overflow Vulnerability
Source: SECUNIA Type: Vendor Advisory 27248
Source: CCN Type: SECTRACK ID: 1018843 RealPlayer Input Validation Flaw in `ierpplug.dll` Lets Remote Users Execute Arbitrary Code
Source: CCN Type: RealNetworks Customer Support Web page RealPlayer Security Vulnerability
Source: CONFIRM Type: UNKNOWN http://service.real.com/realplayer/security/191007_player/en/
Source: CCN Type: Microsoft Knowledge Base Article 240797 How to stop an ActiveX control from running in Internet Explorer
Source: CCN Type: Computerworld Security News, October 19, 2007 Attacks exploiting RealPlayer zero-day in progress
Source: MISC Type: UNKNOWN http://www.infosecblog.org/2007/10/nasa-bans-ie.html
Source: CCN Type: IBM Internet Security Systems Protection Alert, Oct. 19, 2007 RealNetworks RealPlayer unspecified ActiveX buffer overflow
Source: CCN Type: US-CERT VU#871673 RealPlayer playlist name stack buffer overflow
Source: CERT-VN Type: US Government Resource VU#871673
Source: CCN Type: OSVDB ID: 41430 RealPlayer ActiveX (ierpplug.dll) Playlist Handling Overflow
Source: CCN Type: OSVDB ID: 51704 RealPlayer ActiveX (ierpplug.dll) Multiple Method Overflows
Source: CCN Type: RealNetworks Web site Rhapsody & RealPlayer - the best audio and video players
Source: BID Type: UNKNOWN 26130
Source: CCN Type: BID-26130 RealPlayer ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow Vulnerability
Source: CCN Type: BID-26586 RealMedia RealPlayer Ierpplug.DLL PlayerProperty ActiveX Control Buffer Overflow Vulnerability
Source: SECTRACK Type: UNKNOWN 1018843
Source: MISC Type: UNKNOWN http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html
Source: CERT Type: US Government Resource TA07-297A
Source: VUPEN Type: Vendor Advisory ADV-2007-3548
Source: XF Type: UNKNOWN realplayer-activex-bo(37280)
Source: CCN Type: Rapid7 Vulnerability and Exploit Database [10-18-2007] RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
Vulnerable Configuration: Configuration 1: Configuration CCN 1: