admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-42xx/CVE-2009-4245.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

369 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-4245",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-01-25T19:30:01.433",
"lastModified": "2024-11-21T01:09:14.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en RealNetworks RealPlayer 10, RealPlayer v10.5 6.0.12.1040 hasta v6.0.12.1741, RealPlayer 11 v11.0.0 hasta v11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 y v10.1, Linux RealPlayer 10, y Helix Player v10.x, permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de una imagen GIF comprimida."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD49D16C-B0AC-4228-9984-010661596232"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "348F3214-E5C2-4D39-916F-1B0263D13F40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8985B3B-BCC9-431D-9788-0C1949DF46E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7517C2-71A8-4223-9F9A-2FE5A2153B53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11B7CB5F-ACFA-439B-A9B7-54DA402A6029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A681B8-62F1-4B23-9E0B-39C61BE72F44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F826B276-91E6-495E-B429-51B1C5ECB146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A732E6C-108F-447F-98B1-EA774A0537EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F948D474-2380-482C-8A63-88984AC2A86B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFD9C4F-E93B-4BCE-A5E2-A20945EB8534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBEBAA2-4892-4F9E-8C0E-94CA90DCD28D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD49D16C-B0AC-4228-9984-010661596232"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D2A323-5614-4569-AFE5-49CB99ACA279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8985B3B-BCC9-431D-9788-0C1949DF46E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7517C2-71A8-4223-9F9A-2FE5A2153B53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74F2CA71-BD09-451C-931C-433024B6BF87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:helix_player:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD002505-9F93-4243-BCF9-89421FDB7C0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:helix_player:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94D7BB02-13EA-4F39-B751-DDF9AB50F868"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "63F83DBE-F01B-4D6B-9CC4-D5170C2C1D44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "C9C8FE03-BB75-4F67-ADE4-891B6B956018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "A1577DE0-6C52-4BE6-8E5F-D90B2DAE8BD2"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/61969",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/38218",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/38450",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1023489",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://service.real.com/realplayer/security/01192010_player/en/",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/37880",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2010/0178",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800",
"source": "cve@mitre.org"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
"source": "cve@mitre.org"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
"source": "cve@mitre.org"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998",
"source": "cve@mitre.org"
},
{
"url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/61969",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/38218",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/38450",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securitytracker.com/id?1023489",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://service.real.com/realplayer/security/01192010_player/en/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/37880",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.vupen.com/english/advisories/2010/0178",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorComment": "Specific affected release information can be found from RealNetworks at: \r\n\r\nhttp://service.real.com/realplayer/security/01192010_player/en/"
}
Reference in New Issue View Git Blame Copy Permalink