Detections
Analytics
Real Networks RealPlayer < 15.0.6.14 Multiple Vulnerabilities
high Nessus Network Monitor Plugin ID 6574
Synopsis
The remote host is running an application that is vulnerable to multiple vulnerabilities.Description
The remote host is running RealPlayer, a multi-media application.RealPlayer builds earlier than 15.0.6.14 are potentially affected by multiple vulnerabilities :
- A buffer overflow error exists related to 'AAC' handling, specifically unpacking of the stream data. (CVE-2012-2407)
- A heap-corruption error exists related to the 'AAC SDK' decoding. (CVE-2012-2408)
- Two unspecified buffer overflow errors exist related to 'RealMedia'. (CVE-2012-2409, CVE-2012-2410)
- A divide-by-zero error exists related to 'RealAudio' and codec frame size. (CVE-2012-3234)
Solution
Upgrade to RealPlayer 15.0.6.14 or later.See Also
http://service.real.com/realplayer/security/09072012_player/en
Plugin Details
Severity: High
ID: 6574
Family: Web Clients
Published: 9/12/2012
Updated: 3/6/2019
Nessus ID: 62065
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:realnetworks:realplayer
Patch Publication Date: 9/7/2012
Vulnerability Publication Date: 9/7/2012
Reference Information
CVE: CVE-2012-2407, CVE-2012-2408, CVE-2012-2409, CVE-2012-2410, CVE-2012-3234
BID: 55473