CVE-2009-4242
published 2010-01-25CVE-2009-4242: Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5…
PriorityP352critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
8.45%
94.3th percentile
Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | helix_player | — | — |
| realnetworks | helix_player | — | — |
| realnetworks | helix_player | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer_sp | — | — |
| realnetworks | realplayer_sp | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
RealNetworks RealPlayer up to 11.0.5 GetPacketBuffer memory corruption (Nessus ID 67994 / ID 116821)
vuldb·2026-04-29·CVSS 9.3
CVE-2009-4242 [CRITICAL] RealNetworks RealPlayer up to 11.0.5 GetPacketBuffer memory corruption (Nessus ID 67994 / ID 116821)
A vulnerability classified as critical was found in RealNetworks RealPlayer up to 11.0.5. This issue affects the function CGIFCodec::GetPacketBuffer. The manipulation results in memory corruption.
This vulnerability is known as CVE-2009-4242. It is possible to launch the attack remotely. No exploit is available.
GHSA
GHSA-x57c-5473-xjq4: Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec
ghsa_unreviewed·2022-05-02
CVE-2009-4242 [HIGH] CWE-119 GHSA-x57c-5473-xjq4: Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec
Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
Red Hat
RealPlayer: GIF file heap overflow
vendor_redhat·2008-09-10·CVSS 9.3
CVE-2009-4242 [CRITICAL] RealPlayer: GIF file heap overflow
RealPlayer: GIF file heap overflow
Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2009-4242 HelixPlayer / RealPlayer: GIF file heap overflow
bugzilla·2010-02-03·CVSS 9.3
CVE-2009-4242 [CRITICAL] CVE-2009-4242 HelixPlayer / RealPlayer: GIF file heap overflow
CVE-2009-4242 HelixPlayer / RealPlayer: GIF file heap overflow
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-4242 to the following vulnerability:
Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5
6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4;
RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10;
and Helix Player 10.x allows remote attackers to execute arbitrary code via a
GIF file with crafted chunk sizes that trigger improper memory allocation.
References:
http://service.real.com/realplayer/security/01192010_player/en/
http://www.zerodayinitiative.com/advisories/ZDI-10-006/
http://www.securityfocus.com/archive/1/509096/100/0/threaded
http://xforce.iss.net/xforce/xfdb/55795
Discussion:
Accor
Bugzilla
HelixPlayer / RealPlayer: multiple security issues (01192010_player)
bugzilla·2010-01-29·CVSS 9.3
[CRITICAL] HelixPlayer / RealPlayer: multiple security issues (01192010_player)
HelixPlayer / RealPlayer: multiple security issues (01192010_player)
RealNetworks has published a security advisory mentioning 11 security issues affecting various RealPlayer / HelixPlayer versions:
http://service.real.com/realplayer/security/01192010_player/en/
Upstream advisory does not specify which issues should be applicable to HelixPlayer 1.0.x versions (Affected? By various).
Some of the issues are covered by 3rd party advisories (e.g. ZDI) listed below.
Vulnerability 1:
The identified vulnerability is a RealPlayer ASM Rulebook heap-based buffer overflow: CVE-2009-4241
http://www.zerodayinitiative.com/advisories/ZDI-10-005/
Vulnerability 2:
The identified vulnerability is a RealPlayer GIF file Heap Overflow: CVE-2009-4242
http://www.zerodayinitiative.com/advisories/ZDI-10-006/
http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.htmlhttp://osvdb.org/61966http://secunia.com/advisories/38218http://secunia.com/advisories/38450http://securitytracker.com/id?1023489http://service.real.com/realplayer/security/01192010_player/en/http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttp://www.securityfocus.com/archive/1/509096/100/0/threadedhttp://www.securityfocus.com/bid/37880http://www.vupen.com/english/advisories/2010/0178http://www.zerodayinitiative.com/advisories/ZDI-10-006/https://bugzilla.redhat.com/show_bug.cgi?id=561436https://exchange.xforce.ibmcloud.com/vulnerabilities/55795https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.htmlhttp://osvdb.org/61966http://secunia.com/advisories/38218http://secunia.com/advisories/38450http://securitytracker.com/id?1023489http://service.real.com/realplayer/security/01192010_player/en/http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttp://www.securityfocus.com/archive/1/509096/100/0/threadedhttp://www.securityfocus.com/bid/37880http://www.vupen.com/english/advisories/2010/0178http://www.zerodayinitiative.com/advisories/ZDI-10-006/https://bugzilla.redhat.com/show_bug.cgi?id=561436https://exchange.xforce.ibmcloud.com/vulnerabilities/55795https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.8https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144
2010-01-25
Published