[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253650

 
 

909

 
 

197367

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-2710Date: (C)2005-09-27   (M)2023-12-22


Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-16954
SECUNIA-16961
SECUNIA-16981
SECUNIA-17116
SECUNIA-17127
http://marc.info/?l=full-disclosure&m=112775929608219&w=2
http://marc.info/?l=bugtraq&m=112785544325326&w=2
http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities
SREASON-27
SREASON-41
DSA-826
GLSA-200510-07
RHSA-2005:762
RHSA-2005:788
SUSE-SA:2005:059
VU#361181
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078
http://www.open-security.org/advisories/13
oval:org.mitre.oval:def:11015

CPE    1
cpe:/a:realnetworks:realplayer:10.0

© SecPod Technologies