Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-4384 | First vendor Publication | 2010-12-14 |
Vendor | Cve | Last vendor Modification | 2011-01-26 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Array index error in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via a malformed Media Properties Header (aka MDPR) in a RealMedia file. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4384 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 x86_64 File : nvt/gb_CESA-2010_0981_HelixPlayer-uninstall_centos4_x86_64.nasl |
2011-08-09 | Name : CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 i386 File : nvt/gb_CESA-2010_0981_HelixPlayer-uninstall_centos4_i386.nasl |
2010-12-29 | Name : RealNetworks RealPlayer Multiple Vulnerabilities (Linux) - Dec 10 File : nvt/gb_realplayer_mult_vuln_lin_dec10.nasl |
2010-12-29 | Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10 File : nvt/gb_realplayer_mult_vuln_win_04_dec10.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69845 | RealPlayer Multiple Products RealMedia File MDPR Header Array Index Error Arb... A memory corruption flaw exists in RealPlayer. The program fails to sanitize user-supplied input containing a malformed Media Properties Header (MDPR) resulting in memory corruption. With a specially crafted MDPR in a RealMedia file, a context-dependent attacker can execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host has a deprecated application. File : oraclelinux_ELSA-2010-0981.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101214_HelixPlayer_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0981.nasl - Type : ACT_GATHER_INFO |
2010-12-15 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0981.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : An application on the remote Windows host is affected by multiple vulnerabili... File : realplayer_12_0_1_609.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:12:50 |
|
2021-04-22 01:13:29 |
|
2020-05-23 00:26:58 |
|
2016-06-29 00:16:34 |
|
2014-02-17 10:58:46 |
|
2013-05-10 23:37:55 |
|