Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RealNetworks RealPlayer IVR文件解析多个代码执行漏洞
Vulnerability Description
RealNetworks RealNetworks RealPlayer是美国RealNetworks公司开发的一套媒体播放器产品。该产品提供下载/转换视频(在网页中)、编辑视频、管理媒体文件等功能。 RealNetworks RealPlayer的IVR文件处理例程中存在基于堆的缓冲区溢出漏洞。如果攻击者更改了IVR文件中用于确定结构长度的字段的话,就可以触发堆溢出;如果在IVR文件中设置了超长的文件名长度值的话,就会向任意内存地址写入一个空字节。该漏洞存在于一个可用作Windows资源管理器shell
CVSS Information
N/A
Vulnerability Type
N/A