CVE-2009-4247
published 2010-01-25CVE-2009-4247: Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
6.83%
93.2th percentile
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | helix_player | — | — |
| realnetworks | helix_player | — | — |
| realnetworks | helix_player | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer | — | — |
| realnetworks | realplayer_sp | — | — |
| realnetworks | realplayer_sp | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
RealPlayer: RTSP client ASM RuleBook stack buffer overflow
vendor_redhat·2009-08-28·CVSS 9.3
CVE-2009-4247 [CRITICAL] CWE-121 RealPlayer: RTSP client ASM RuleBook stack buffer overflow
RealPlayer: RTSP client ASM RuleBook stack buffer overflow
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
GHSA
GHSA-9h7f-xvfq-hm25: Stack-based buffer overflow in protocol/rtsp/rtspclnt
ghsa_unreviewed·2022-05-02
CVE-2009-4247 [HIGH] CWE-119 GHSA-9h7f-xvfq-hm25: Stack-based buffer overflow in protocol/rtsp/rtspclnt
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2009-4247 HelixPlayer / RealPlayer: RTSP client ASM RuleBook stack buffer overflow
bugzilla·2010-02-03·CVSS 9.3
CVE-2009-4247 [CRITICAL] CVE-2009-4247 HelixPlayer / RealPlayer: RTSP client ASM RuleBook stack buffer overflow
CVE-2009-4247 HelixPlayer / RealPlayer: RTSP client ASM RuleBook stack buffer overflow
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-4247 to the following vulnerability:
RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741;
RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac
RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1;
and Helix Player 10.x, 11.0.0, and 11.0.1 allow remote attackers to have an
unspecified impact via a crafted ASM RuleBook, related to an "array overflow."
References:
http://service.real.com/realplayer/security/01192010_player/en/
http://xforce.iss.net/xforce/xfdb/55802
Discussion:
Upstream patch:
http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August
Bugzilla
HelixPlayer / RealPlayer: multiple security issues (01192010_player)
bugzilla·2010-01-29·CVSS 9.3
[CRITICAL] HelixPlayer / RealPlayer: multiple security issues (01192010_player)
HelixPlayer / RealPlayer: multiple security issues (01192010_player)
RealNetworks has published a security advisory mentioning 11 security issues affecting various RealPlayer / HelixPlayer versions:
http://service.real.com/realplayer/security/01192010_player/en/
Upstream advisory does not specify which issues should be applicable to HelixPlayer 1.0.x versions (Affected? By various).
Some of the issues are covered by 3rd party advisories (e.g. ZDI) listed below.
Vulnerability 1:
The identified vulnerability is a RealPlayer ASM Rulebook heap-based buffer overflow: CVE-2009-4241
http://www.zerodayinitiative.com/advisories/ZDI-10-005/
Vulnerability 2:
The identified vulnerability is a RealPlayer GIF file Heap Overflow: CVE-2009-4242
http://www.zerodayinitiative.com/advisories/ZDI-10-006/
http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.htmlhttp://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.htmlhttp://secunia.com/advisories/38218http://secunia.com/advisories/38450http://securitytracker.com/id?1023489http://service.real.com/realplayer/security/01192010_player/en/http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttp://www.securityfocus.com/bid/37880http://www.vupen.com/english/advisories/2010/0178https://bugzilla.redhat.com/show_bug.cgi?id=561338https://exchange.xforce.ibmcloud.com/vulnerabilities/55802https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.htmlhttp://lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.htmlhttp://secunia.com/advisories/38218http://secunia.com/advisories/38450http://securitytracker.com/id?1023489http://service.real.com/realplayer/security/01192010_player/en/http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttp://www.securityfocus.com/bid/37880http://www.vupen.com/english/advisories/2010/0178https://bugzilla.redhat.com/show_bug.cgi?id=561338https://exchange.xforce.ibmcloud.com/vulnerabilities/55802https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677
2010-01-25
Published