Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-4242
Description:Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4242
BugTraq ID: 37880
http://www.securityfocus.com/bid/37880
Bugtraq: 20100121 ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/509096/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-006/
http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008633.html
http://osvdb.org/61966
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144
RedHat Security Advisories: RHSA-2010:0094
http://www.redhat.com/support/errata/RHSA-2010-0094.html
http://securitytracker.com/id?1023489
http://secunia.com/advisories/38218
http://secunia.com/advisories/38450
http://www.vupen.com/english/advisories/2010/0178
XForce ISS Database: realplayer-gif-bo(55795)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55795




© 1998-2024 E-Soft Inc. All rights reserved.