CVE-2010-0417
published 2010-02-18CVE-2010-0417: Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
4.15%
89.6th percentile
Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | helix_player | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
RealPlayer: rule book handling heap corruption
vendor_redhat·2008-01-14·CVSS 5.0
CVE-2010-0417 [MEDIUM] RealPlayer: rule book handling heap corruption
RealPlayer: rule book handling heap corruption
Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
VulDB
RealNetworks Helix Player 1.0.6 memory corruption (Nessus ID 44428 / ID 155701)
vuldb·2026-05-01·CVSS 5.0
CVE-2010-0417 [MEDIUM] RealNetworks Helix Player 1.0.6 memory corruption (Nessus ID 44428 / ID 155701)
A vulnerability categorized as critical has been discovered in RealNetworks Helix Player 1.0.6. Impacted is an unknown function. Executing a manipulation can lead to memory corruption.
This vulnerability is tracked as CVE-2010-0417. The attack can be launched remotely. No exploit exists.
GHSA
GHSA-hvpw-g59w-9xjx: Buffer overflow in common/util/rlstate
ghsa_unreviewed·2022-05-02
CVE-2010-0417 [MEDIUM] CWE-119 GHSA-hvpw-g59w-9xjx: Buffer overflow in common/util/rlstate
Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
No detection rules found.
No public exploits indexed.
http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.htmlhttp://secunia.com/advisories/38450http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=561860https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364http://lists.helixcommunity.org/pipermail/common-cvs/2008-January/015484.htmlhttp://secunia.com/advisories/38450http://www.redhat.com/support/errata/RHSA-2010-0094.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=561860https://helixcommunity.org/viewcvs/common/util/rlstate.cpp?view=log#rev1.10https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11364
2010-02-18
Published