CVE-2009-4242

EUVD-2009-4211

25.01.2010, 19:30

Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Affected Products (NVD)

Vendor	Product	Version
realnetworks	realplayer	10.0
realnetworks	realplayer	10.5
realnetworks	realplayer	11.0
realnetworks	realplayer	11.0.1
realnetworks	realplayer	11.0.2
realnetworks	realplayer	11.0.3
realnetworks	realplayer	11.0.4
realnetworks	realplayer	11.0.5
realnetworks	realplayer_enterprise	*
realnetworks	realplayer_sp	1.0.0
realnetworks	realplayer_sp	1.0.1
realnetworks	realplayer	10.0
realnetworks	realplayer	10.1
realnetworks	realplayer	11.0
realnetworks	realplayer	11.0.1
realnetworks	helix_player	10.0
realnetworks	helix_player	11.0.0
realnetworks	helix_player	11.0.1
realnetworks	realplayer	10.0
realnetworks	realplayer	11.0.0
realnetworks	realplayer	11.0.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

realplay

dapper	ignored
hardy	dne
intrepid	dne
jaunty	dne
karmic	dne

realplayer

dapper	ignored
hardy	dne
intrepid	dne
jaunty	dne
karmic	dne

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html

http://osvdb.org/61966

http://secunia.com/advisories/38218

http://secunia.com/advisories/38450

http://securitytracker.com/id?1023489

http://service.real.com/realplayer/security/01192010_player/en/

http://www.redhat.com/support/errata/RHSA-2010-0094.html

http://www.securityfocus.com/archive/1/509096/100/0/threaded

http://www.securityfocus.com/bid/37880

http://www.vupen.com/english/advisories/2010/0178

http://www.zerodayinitiative.com/advisories/ZDI-10-006/

https://bugzilla.redhat.com/show_bug.cgi?id=561436

https://exchange.xforce.ibmcloud.com/vulnerabilities/55795

https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144

http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html

http://osvdb.org/61966

http://secunia.com/advisories/38218

http://secunia.com/advisories/38450

http://securitytracker.com/id?1023489

http://service.real.com/realplayer/security/01192010_player/en/

http://www.redhat.com/support/errata/RHSA-2010-0094.html

http://www.securityfocus.com/archive/1/509096/100/0/threaded

http://www.securityfocus.com/bid/37880

http://www.vupen.com/english/advisories/2010/0178

http://www.zerodayinitiative.com/advisories/ZDI-10-006/

https://bugzilla.redhat.com/show_bug.cgi?id=561436

https://exchange.xforce.ibmcloud.com/vulnerabilities/55795

https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144