Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2016-9018

Published: 28/10/2016 Updated: 29/11/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Realnetworks

Vulnerability Summary

Improper handling of a repeating VRAT chunk in qcpfformat.dll allows malicious users to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file.

Vulnerable Product Search on Vulmon Subscribe to Product

realnetworks realplayer 18.1.5.705

Exploits

Exploit DB: RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)
Tested on: Win7 / Win10 x64 Date: October 20th 2016 Vendor homepage: wwwrealcom Software link: realplayer-downloadrealcom/free/windows/installer/stubinst/stub/rt1/T10EUDRP/RealTimes-RealPlayerexe File version (both realplayexe and qcpfformatdll): 1815705 Exploit author: Alwin Peppels Found with: Peach Fuzzer Context: ...

References

CWE-476https://www.exploit-db.com/exploits/40617/http://www.securityfocus.com/bid/94239https://nvd.nist.govhttps://www.exploit-db.com/exploits/40617/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook