| Vulnerability Name: | CVE-2010-2997 (CCN-64001) | ||||||||||||
| Assigned: | 2010-12-10 | ||||||||||||
| Published: | 2010-12-10 | ||||||||||||
| Updated: | 2011-01-26 | ||||||||||||
| Summary: | Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format. | ||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||
| Vulnerability Type: | CWE-399 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2010-2997 Source: CCN Type: RHSA-2010-0981 Critical: HelixPlayer removal Source: CCN Type: RHSA-2010:0981-1 Critical: HelixPlayer removal Source: CCN Type: SA38550 RealPlayer Multiple Vulnerabilities Source: CCN Type: SA42333 RealPlayer Enterprise Multiple Vulnerabilities Source: CCN Type: SA42512 Mac RealPlayer Multiple Vulnerabilities Source: CCN Type: SA42532 Red Hat HelixPlayer Multiple Vulnerabilities Source: CCN Type: SECTRACK ID: 1024861 RealPlayer Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code Source: CCN Type: RealNetworks Web Site RealNetworks, Inc. Releases Update to Address Security Vulnerabilities Source: CONFIRM Type: Vendor Advisory http://service.real.com/realplayer/security/12102010_player/en/ Source: CCN Type: OSVDB ID: 69834 RealPlayer Multiple Products ICY SHOUTcast Stream StreamTitle Tag Use-after-free Arbitrary Code Execution Source: REDHAT Type: UNKNOWN RHSA-2010:0981 Source: CCN Type: BID-45407 Real Networks RealPlayer 'StreamTitle' Heap Corruption Vulnerability Source: SECTRACK Type: UNKNOWN 1024861 Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-10-270 Source: XF Type: UNKNOWN realplayer-icy-code-exec(64001) Source: CCN Type: ZDI-10-270 RealNetworks RealPlayer ICY Protocol StreamTitle Remote Code Execution Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration 4: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||