NVD

Id
54431  
Name
CVE-2007-2264  
Description
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-10-31  
Modified Date
2011-10-17  
Seq
2007-2264  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
276097 54431 CVE-2007-2264 oval:org.mitre.oval:def:9100  View
276098 54431 CVE-2007-2264 1018866  View
276099 54431 CVE-2007-2264 http://service.real.com/realplayer/security/10252007_player/en/  View
276100 54431 CVE-2007-2264 20071030 RealPlayer Updates of October 25, 2007  View
276101 54431 CVE-2007-2264 20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability  View
276102 54431 CVE-2007-2264 26214  View
276103 54431 CVE-2007-2264 ADV-2007-3628  View
276104 54431 CVE-2007-2264 http://www.zerodayinitiative.com/advisories/ZDI-07-063.html  View
276105 54431 CVE-2007-2264 realplayer-ram-bo(37437)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52215 JVNDB-2007-000905 複数のRealNetworks 製品における RAM ファイルの取り扱いに関するバッファオーバーフローの脆弱性 複数の RealNetworks 製品には、RAM ファイル (.ra, .ram) の RA ヘッダにおける size 値の取り扱いに不備が存在するために、ヒープベースのバッファオーバーフローが発生する脆弱性が存在します。 CVE-2007-2264 25619 CVE-2007-2264 54431 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000905.html 2007-10-25 2007-11-08 View