Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0387

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2004-0387
Last Modified 07 Mar 2011 09:15:48
Published 01 Jun 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0387

Summary

Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.

Vulnerable Systems

Application

  • Realnetworks Realone Player

  • Realnetworks Realone Player 10 Beta

  • Realnetworks Realplayer 8.0


References

XF - realplayer-r3t-bo(15774)

CONFIRM - http://www.service.real.com/help/faq/security/040406_r3t/en/

MISC - http://www.ngssoftware.com/advisories/realr3t.txt

BUGTRAQ - 20040307 REAL One Player R3T File Format Stack Overflow

BID - 10070

OSVDB - 4977

SECUNIA - 11314


Last Updated: 27 May 2016 10:38:35