CVE-2014-3113

EUVD-2014-3134
Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a malformed (1) elst or (2) stsz atom in an MP4 file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
realnetworksrealplayer
𝑥
≤ 17.0.8.22
realnetworksrealplayer
17.0.4.60
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/59238
http://service.real.com/realplayer/security/06272014_player/en/
http://www.fortiguard.com/advisory/RealNetworks-RealPlayer-Memory-Corruption/
http://www.securitytracker.com/id/1030524
http://secunia.com/advisories/59238
http://service.real.com/realplayer/security/06272014_player/en/
http://www.fortiguard.com/advisory/RealNetworks-RealPlayer-Memory-Corruption/
http://www.securitytracker.com/id/1030524