CVE-2009-0375
published 2009-02-08CVE-2009-0375: Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
5.74%
92.1th percentile
Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | realplayer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x474-4899-v7hv: Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10
ghsa_unreviewed·2022-05-02
CVE-2009-0375 [HIGH] CWE-94 GHSA-x474-4899-v7hv: Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10
Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin.
Red Hat
RealPlayer: multiple security issues (01192010_player)
vendor_redhat·2010-01-19·CVSS 9.3
CVE-2009-0375 [CRITICAL] RealPlayer: multiple security issues (01192010_player)
RealPlayer: multiple security issues (01192010_player)
Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin.
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/33810http://secunia.com/advisories/38218http://service.real.com/realplayer/security/01192010_player/en/http://www.fortiguardcenter.com/advisory/FGA-2009-04.htmlhttp://www.securityfocus.com/archive/1/500722/100/0/threadedhttp://www.securityfocus.com/bid/33652http://www.vupen.com/english/advisories/2010/0178https://exchange.xforce.ibmcloud.com/vulnerabilities/48567http://secunia.com/advisories/33810http://secunia.com/advisories/38218http://service.real.com/realplayer/security/01192010_player/en/http://www.fortiguardcenter.com/advisory/FGA-2009-04.htmlhttp://www.securityfocus.com/archive/1/500722/100/0/threadedhttp://www.securityfocus.com/bid/33652http://www.vupen.com/english/advisories/2010/0178https://exchange.xforce.ibmcloud.com/vulnerabilities/48567
2009-02-08
Published