CVE-2007-5400
published 2008-07-28CVE-2007-5400: Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
6.77%
93.2th percentile
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| real | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
RealPlayer: SWF Frame Handling Buffer Overflow
vendor_redhat·2008-07-25·CVSS 9.3
CVE-2007-5400 [CRITICAL] RealPlayer: SWF Frame Handling Buffer Overflow
RealPlayer: SWF Frame Handling Buffer Overflow
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
GHSA
GHSA-qw24-6ccm-w25c: Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10
ghsa_unreviewed·2022-05-01
CVE-2007-5400 [HIGH] CWE-119 GHSA-qw24-6ccm-w25c: Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://secunia.com/advisories/27620http://secunia.com/advisories/31321http://secunia.com/advisories/35416http://secunia.com/secunia_research/2007-93/advisory/http://securityreason.com/securityalert/4048http://service.real.com/realplayer/security/07252008_player/en/http://www.kb.cert.org/vuls/id/298651http://www.redhat.com/support/errata/RHSA-2008-0812.htmlhttp://www.securityfocus.com/archive/1/494749/100/0/threadedhttp://www.securityfocus.com/bid/30370http://www.securitytracker.com/id?1020562http://www.vupen.com/english/advisories/2008/2194/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/43996http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://secunia.com/advisories/27620http://secunia.com/advisories/31321http://secunia.com/advisories/35416http://secunia.com/secunia_research/2007-93/advisory/http://securityreason.com/securityalert/4048http://service.real.com/realplayer/security/07252008_player/en/http://www.kb.cert.org/vuls/id/298651http://www.redhat.com/support/errata/RHSA-2008-0812.htmlhttp://www.securityfocus.com/archive/1/494749/100/0/threadedhttp://www.securityfocus.com/bid/30370http://www.securitytracker.com/id?1020562http://www.vupen.com/english/advisories/2008/2194/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/43996
2008-07-28
Published