CVE-2009-4247

25.01.2010, 19:30

Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 92%

Vendor	Product	Version
realnetworks	realplayer	10.0
realnetworks	realplayer	10.5
realnetworks	realplayer	11.0
realnetworks	realplayer	11.0.1
realnetworks	realplayer	11.0.2
realnetworks	realplayer	11.0.3
realnetworks	realplayer	11.0.4
realnetworks	realplayer	11.0.5
realnetworks	realplayer_enterprise	*
realnetworks	realplayer_sp	1.0.0
realnetworks	realplayer_sp	1.0.1
realnetworks	realplayer	10.0
realnetworks	realplayer	10.1
realnetworks	realplayer	11.0
realnetworks	realplayer	11.0.1
realnetworks	helix_player	10.0
realnetworks	helix_player	11.0.0
realnetworks	helix_player	11.0.1
realnetworks	realplayer	10.0
realnetworks	realplayer	11.0.0
realnetworks	realplayer	11.0.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

realplay

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
dapper	ignored

realplayer

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
dapper	ignored

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html

http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html

http://secunia.com/advisories/38218

http://secunia.com/advisories/38450

http://securitytracker.com/id?1023489

http://service.real.com/realplayer/security/01192010_player/en/

http://www.redhat.com/support/errata/RHSA-2010-0094.html

http://www.securityfocus.com/bid/37880

http://www.vupen.com/english/advisories/2010/0178

https://bugzilla.redhat.com/show_bug.cgi?id=561338

https://exchange.xforce.ibmcloud.com/vulnerabilities/55802

https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677

http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.html

http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.html

http://secunia.com/advisories/38218

http://secunia.com/advisories/38450

http://securitytracker.com/id?1023489

http://service.real.com/realplayer/security/01192010_player/en/

http://www.redhat.com/support/errata/RHSA-2010-0094.html

http://www.securityfocus.com/bid/37880

http://www.vupen.com/english/advisories/2010/0178

https://bugzilla.redhat.com/show_bug.cgi?id=561338

https://exchange.xforce.ibmcloud.com/vulnerabilities/55802

https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677