cvelistv5 - cve-2009-4257

CVE-2009-4257 (GCVE-0-2009-4257)

Vulnerability from cvelistv5

Published

2010-01-25 19:00

Modified

2024-08-07 06:54

Severity ?

CWE

Summary

Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2010-0094.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/archive/1/509105/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2010/0178	vdb-entry, x_refsource_VUPEN
	http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html	mailing-list, x_refsource_MLIST
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55798	vdb-entry, x_refsource_XF
	http://securitytracker.com/id?1023489	vdb-entry, x_refsource_SECTRACK
	http://service.real.com/realplayer/security/01192010_player/en/	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=561309	x_refsource_CONFIRM
	http://secunia.com/advisories/38450	third-party-advisory, x_refsource_SECUNIA
	https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/38218	third-party-advisory, x_refsource_SECUNIA
	http://www.zerodayinitiative.com/advisories/ZDI-10-007/	x_refsource_MISC
	http://www.securityfocus.com/bid/37880	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:10.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2010:0094",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
          },
          {
            "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
          },
          {
            "name": "ADV-2010-0178",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0178"
          },
          {
            "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
          },
          {
            "name": "realnetworks-realplayer-smil-bo(55798)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
          },
          {
            "name": "1023489",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023489"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://service.real.com/realplayer/security/01192010_player/en/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
          },
          {
            "name": "38450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
          },
          {
            "name": "oval:org.mitre.oval:def:11110",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
          },
          {
            "name": "38218",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38218"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
          },
          {
            "name": "37880",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2010:0094",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
        },
        {
          "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
        },
        {
          "name": "ADV-2010-0178",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0178"
        },
        {
          "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
        },
        {
          "name": "realnetworks-realplayer-smil-bo(55798)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
        },
        {
          "name": "1023489",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023489"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://service.real.com/realplayer/security/01192010_player/en/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
        },
        {
          "name": "38450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
        },
        {
          "name": "oval:org.mitre.oval:def:11110",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
        },
        {
          "name": "38218",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38218"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
        },
        {
          "name": "37880",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4257",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2010:0094",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
            },
            {
              "name": "20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/509105/100/0/threaded"
            },
            {
              "name": "ADV-2010-0178",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0178"
            },
            {
              "name": "[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12",
              "refsource": "MLIST",
              "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html"
            },
            {
              "name": "realnetworks-realplayer-smil-bo(55798)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55798"
            },
            {
              "name": "1023489",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023489"
            },
            {
              "name": "http://service.real.com/realplayer/security/01192010_player/en/",
              "refsource": "CONFIRM",
              "url": "http://service.real.com/realplayer/security/01192010_player/en/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561309",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561309"
            },
            {
              "name": "38450",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38450"
            },
            {
              "name": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12",
              "refsource": "CONFIRM",
              "url": "https://helixcommunity.org/viewcvs/datatype/smil/common/smlpkt.cpp?view=log#rev1.12"
            },
            {
              "name": "oval:org.mitre.oval:def:11110",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110"
            },
            {
              "name": "38218",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38218"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-007/"
            },
            {
              "name": "37880",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4257",
    "datePublished": "2010-01-25T19:00:00.000Z",
    "dateReserved": "2009-12-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T06:54:10.213Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-023

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans les produits RealNetworks permettent à un utilisateur distant malintentionné de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

Onze vulnérabilités, de type débordement de mémoire, ont été découvertes dans les produits RealPlayer et Helix Player. Ces vulnérabilités peuvent être exploitées par une personne distante malveillante afin de provoquer un déni de service ou encore d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions suivantes pour Microsoft Windows sont affectées :

RealPlayer SP 1.0.0 et 1.0.1 ;
RealPlayer 11.x ;
RealPlayer 10.x ;
RealPlayer Enterprise.

Les versions suivantes pour Mac OS sont affectées :

Mac RealPlayer 11.x ;
Mac RealPlayer 10.x.

Les versions suivantes pour GNU/Linux sont affectées :

GNU/Linux RealPlayer 11.x ;
GNU/Linux RealPlayer 10.x ;
Helix RealPlayer 11.x ;
Helix RealPlayer 10.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Mise à jour de sécurité RealNetworks du 19 janvier 2010	None	vendor-advisory
Bulletin de sécurité Sun Solaris du 13 juillet 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes versions suivantes pour Microsoft  Windows sont affect\u00e9es :  \u003cUL\u003e    \u003cLI\u003eRealPlayer SP 1.0.0 et 1.0.1 ;\u003c/LI\u003e    \u003cLI\u003eRealPlayer 11.x ;\u003c/LI\u003e    \u003cLI\u003eRealPlayer 10.x ;\u003c/LI\u003e    \u003cLI\u003eRealPlayer Enterprise.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes versions suivantes pour Mac OS sont affect\u00e9es :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eMac RealPlayer 11.x ;\u003c/LI\u003e    \u003cLI\u003eMac RealPlayer 10.x.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes versions suivantes pour GNU/Linux sont affect\u00e9es :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eGNU/Linux RealPlayer 11.x ;\u003c/LI\u003e    \u003cLI\u003eGNU/Linux RealPlayer 10.x ;\u003c/LI\u003e    \u003cLI\u003eHelix RealPlayer 11.x ;\u003c/LI\u003e    \u003cLI\u003eHelix RealPlayer 10.x.\u003c/LI\u003e  \u003c/UL\u003e\u003c/p\u003e",
  "content": "## Description\n\nOnze vuln\u00e9rabilit\u00e9s, de type d\u00e9bordement de m\u00e9moire, ont \u00e9t\u00e9 d\u00e9couvertes\ndans les produits RealPlayer et Helix Player. Ces vuln\u00e9rabilit\u00e9s peuvent\n\u00eatre exploit\u00e9es par une personne distante malveillante afin de provoquer\nun d\u00e9ni de service ou encore d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-4246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4246"
    },
    {
      "name": "CVE-2009-0376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0376"
    },
    {
      "name": "CVE-2009-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4242"
    },
    {
      "name": "CVE-2009-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4248"
    },
    {
      "name": "CVE-2009-4245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4245"
    },
    {
      "name": "CVE-2009-4241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4241"
    },
    {
      "name": "CVE-2009-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4247"
    },
    {
      "name": "CVE-2009-0375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0375"
    },
    {
      "name": "CVE-2009-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4243"
    },
    {
      "name": "CVE-2009-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4244"
    },
    {
      "name": "CVE-2009-4257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4257"
    }
  ],
  "initial_release_date": "2010-01-21T00:00:00",
  "last_revision_date": "2010-07-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris du 13 juillet 2010 :",
      "url": "http://blogs.sun.com/security/entry/cve_2009_4247_buffer_overflow"
    }
  ],
  "reference": "CERTA-2010-AVI-023",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2010-01-21T00:00:00.000000"
    },
    {
      "description": "correction du lien vers la mise \u00e0 jour de s\u00e9curit\u00e9 ;",
      "revision_date": "2010-02-16T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Sun Solaris.",
      "revision_date": "2010-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits RealNetworks permettent \u00e0 un\nutilisateur distant malintentionn\u00e9 de provoquer un d\u00e9ni de service ou\nd\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Realplayer et Helix Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 RealNetworks du 19 janvier 2010",
      "url": "http://service.real.com/realplayer/security/01192010_player/fr/"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-4257 (GCVE-0-2009-4257)

Vulnerability from cvelistv5

CERTA-2010-AVI-023

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature