VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2579
realplayer, realplayer_sp: The cook codec in RealNetworks RealPlayer 11.0 thro...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2579

Original

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-12-14
Source Information Category:
Advisory, Alert
Last Updated:
2010-12-14




Affected Product Tags
cpe:/a:realnetworks:realplayer:11.0
cpe:/a:realnetworks:realplayer:11.0.1
cpe:/a:realnetworks:realplayer:11.0.2
cpe:/a:realnetworks:realplayer:11.0.2.1744
cpe:/a:realnetworks:realplayer:11.0.3
cpe:/a:realnetworks:realplayer:11.0.4
cpe:/a:realnetworks:realplayer:11.0.5
cpe:/a:realnetworks:realplayer:11.1
cpe:/a:realnetworks:realplayer_sp:1.0.0
cpe:/a:realnetworks:realplayer_sp:1.0.1
cpe:/a:realnetworks:realplayer_sp:1.0.2
cpe:/a:realnetworks:realplayer_sp:1.0.5
cpe:/a:realnetworks:realplayer_sp:1.1
cpe:/a:realnetworks:realplayer_sp:1.1.1
cpe:/a:realnetworks:realplayer_sp:1.1.2
cpe:/a:realnetworks:realplayer_sp:1.1.3
cpe:/a:realnetworks:realplayer_sp:1.1.4
cpe:/o:apple:mac_os_x
cpe:/o:linux:linux_kernel
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
CONFIRM http://service.real.com/realplayer/security/12102010_player/en/




Vulnerability Type Other (NVD-CWE-Other)




Copyright © 2010 JPCERT/CC All Rights Reserved.