Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/10/2007 Updated: 29/07/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote malicious users to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
realnetworks realone player 2.0
realnetworks realplayer 10.0
realnetworks realplayer 10.5
realnetworks realone player 1.0
realnetworks realplayer enterprise

CWE-189 http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/http://service.real.com/realplayer/security/10252007_player/en/http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.securityfocus.com/bid/26214 http://www.securitytracker.com/id?1018866 http://secunia.com/advisories/27361 http://www.kb.cert.org/vuls/id/759385 http://www.vupen.com/english/advisories/2007/3628 https://exchange.xforce.ibmcloud.com/vulnerabilities/37434 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/759385

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5080

Vulnerability Summary

References

Vulmon Search

About

Products

Connect