CVE - CVE-2007-5601

CVE-ID
CVE-2007-5601	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:http://www.infosecblog.org/2007/10/nasa-bans-ie.html MISC:http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html CONFIRM:http://service.real.com/realplayer/security/191007_player/en/ CERT:TA07-297A URL:http://www.us-cert.gov/cas/techalerts/TA07-297A.html CERT-VN:VU#871673 URL:http://www.kb.cert.org/vuls/id/871673 BID:26130 URL:http://www.securityfocus.com/bid/26130 VUPEN:ADV-2007-3548 URL:http://www.vupen.com/english/advisories/2007/3548 SECTRACK:1018843 URL:http://www.securitytracker.com/id?1018843 SECUNIA:27248 URL:http://secunia.com/advisories/27248 XF:realplayer-activex-bo(37280) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/37280
Assigning CNA
N/A
Date Entry Created
20071020	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071020)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org