cbcvebase.
CVE-2007-2264
published 2007-10-31

CVE-2007-2264: Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers…

PriorityP343critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
7.30%
93.6th percentile
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.

Affected

6 ranges
VendorProductVersion rangeFixed in
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.