CVE-2010-3000

Published: Aug 30, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.

Affected (11)

Products: Realnetworks: Realplayer, Realplayer Sp

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Realplayer	Version 11.0
Realnetworks Realplayer	Version 11.1

Configuration B

9 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Realnetworks Realplayer Sp	Version 1.0.0
Realnetworks Realplayer Sp	Version 1.0.1
Realnetworks Realplayer Sp	Version 1.0.2
Realnetworks Realplayer Sp	Version 1.0.5
Realnetworks Realplayer Sp	Version 1.1.1
Realnetworks Realplayer Sp	Version 1.1.2
Realnetworks Realplayer Sp	Version 1.1.3
Realnetworks Realplayer Sp	Version 1.1.4
Realnetworks Realplayer Sp	Version 1.1

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

References (18)

http://secunia.com/advisories/41096

Source: cve@mitre.org

http://secunia.com/advisories/41154

Source: cve@mitre.org

http://service.real.com/realplayer/security/08262010_player/en/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/513383/100/0/threaded

Source: cve@mitre.org

http://www.securitytracker.com/id?1024370

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/2216

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-10-167

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/61423

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651

Source: cve@mitre.org

http://secunia.com/advisories/41096

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/41154

Source: af854a3a-2127-422b-91ae-364da2661108

http://service.real.com/realplayer/security/08262010_player/en/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/513383/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1024370

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2010/2216

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-10-167

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/61423

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.