CVE-2010-2997
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format.
Affected (10)
Products: Realnetworks: Realplayer Sp, Realplayer
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.0.1 |
| Running on/with | Platform Versions |
|---|---|
Apple Mac Os X | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.0.2.1744 |
| Running on/with | Platform Versions |
|---|---|
Linux Linux Kernel | All versions |
Related CWEs
References (8)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.