CVE-2007-2263
published 2007-10-31CVE-2007-2263: Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to…
PriorityP344critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
7.30%
93.6th percentile
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | realone_player | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fchj-96vm-p9r2: Heap-based buffer overflow in RealNetworks RealPlayer 10
ghsa_unreviewed·2022-05-01
CVE-2007-2263 [HIGH] CWE-119 GHSA-fchj-96vm-p9r2: Heap-based buffer overflow in RealNetworks RealPlayer 10
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
Red Hat
realplayer swf file (flash media) heap overflow
vendor_redhat·2007-10-25·CVSS 9.3
CVE-2007-2263 [CRITICAL] realplayer swf file (flash media) heap overflow
realplayer swf file (flash media) heap overflow
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
No detection rules found.
No public exploits indexed.
http://osvdb.org/38344http://secunia.com/advisories/27361http://service.real.com/realplayer/security/10252007_player/en/http://www.attrition.org/pipermail/vim/2007-October/001841.htmlhttp://www.securityfocus.com/archive/1/483110/100/0/threadedhttp://www.securityfocus.com/bid/26214http://www.securityfocus.com/bid/26284http://www.securitytracker.com/id?1018866http://www.vupen.com/english/advisories/2007/3628http://www.zerodayinitiative.com/advisories/ZDI-07-061.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/37436https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432http://osvdb.org/38344http://secunia.com/advisories/27361http://service.real.com/realplayer/security/10252007_player/en/http://www.attrition.org/pipermail/vim/2007-October/001841.htmlhttp://www.securityfocus.com/archive/1/483110/100/0/threadedhttp://www.securityfocus.com/bid/26214http://www.securityfocus.com/bid/26284http://www.securitytracker.com/id?1018866http://www.vupen.com/english/advisories/2007/3628http://www.zerodayinitiative.com/advisories/ZDI-07-061.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/37436https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432
2007-10-31
Published