Vulnerability CVE-2010-0120

Vulnerability Name:

CVE-2010-0120 (CCN-61422)

Assigned:

2010-08-26

Published:

2010-08-26

Updated:

2017-09-19

Summary:

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2010-0120

Source: CCN
Type: SA41096
RealPlayer SP Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
41096

Source: CCN
Type: SA41154
RealPlayer Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
41154

Source: CCN
Type: Secunia Research 27/08/2010
RealPlayer QCP Audio Content Parsing Buffer Overflow

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2010-8/

Source: CCN
Type: SECTRACK ID: 1024370
RealPlayer Bugs Let Remote Users Obtain Files and Execute Arbitrary Code

Source: CCN
Type: RealNetworks Web Site
RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.

Source: CONFIRM
Type: Vendor Advisory
http://service.real.com/realplayer/security/08262010_player/en/

Source: CCN
Type: OSVDB ID: 67734
RealPlayer Multiple Products QCP Audio Content Size Value Overflow

Source: SECTRACK
Type: UNKNOWN
1024370

Source: VUPEN
Type: UNKNOWN
ADV-2010-2216

Source: XF
Type: UNKNOWN
realplayer-qcp-audio-bo(61422)

Source: XF
Type: UNKNOWN
realplayer-qcp-audio-bo(61422)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6807

Vulnerable Configuration:

Configuration 1:

cpe:/a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:6807	V	Heap-based buffer overflow vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4	2010-11-01

BACK