CVE-2010-0117

EUVD-2010-0149
RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
realnetworksrealplayer
11.0
realnetworksrealplayer
11.1
realnetworksrealplayer_sp
1.0.0
realnetworksrealplayer_sp
1.0.1
realnetworksrealplayer_sp
1.0.2
realnetworksrealplayer_sp
1.0.5
realnetworksrealplayer_sp
1.1
realnetworksrealplayer_sp
1.1.1
realnetworksrealplayer_sp
1.1.2
realnetworksrealplayer_sp
1.1.3
realnetworksrealplayer_sp
1.1.4
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/41096
http://secunia.com/advisories/41154
http://secunia.com/secunia_research/2010-5/
http://service.real.com/realplayer/security/08262010_player/en/
http://www.securitytracker.com/id?1024370
http://www.vupen.com/english/advisories/2010/2216
https://exchange.xforce.ibmcloud.com/vulnerabilities/61421
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7169
http://secunia.com/advisories/41096
http://secunia.com/advisories/41154
http://secunia.com/secunia_research/2010-5/
http://service.real.com/realplayer/security/08262010_player/en/
http://www.securitytracker.com/id?1024370
http://www.vupen.com/english/advisories/2010/2216
https://exchange.xforce.ibmcloud.com/vulnerabilities/61421
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7169