Back to search
CVE-2007-5601
Published: Oct 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
27248
third-party-advisory
x_refsource_SECUNIA
VU#871673
third-party-advisory
x_refsource_CERT-VN
1018843
vdb-entry
x_refsource_SECTRACK
ADV-2007-3548
vdb-entry
x_refsource_VUPEN
http://www.infosecblog.org/2007/10/nasa-bans-ie.html
x_refsource_MISC
26130
vdb-entry
x_refsource_BID
TA07-297A
third-party-advisory
x_refsource_CERT
http://service.real.com/realplayer/security/191007_player/en/
x_refsource_CONFIRM
realplayer-activex-bo(37280)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now