cbcvebase.
CVE-2007-5080
published 2007-10-31

CVE-2007-5080: Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary…

PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
7.73%
93.9th percentile
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.

Affected

4 ranges
VendorProductVersion rangeFixed in
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealplayer
realnetworksrealplayer

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.