NVD Vulnerability Detail
Search Exploit, PoC
CVE-2007-3410
Summary

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.

Publication Date June 27, 2007, 7:30 a.m.
Registration Date Jan. 29, 2021, 2:15 p.m.
Last Update Oct. 11, 2017, 10:32 a.m.
CVSS2.0 : HIGH
Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV) ネットワーク
攻撃条件の複雑さ(AC)
攻撃前の認証要否(Au) 不要
機密性への影響(C)
完全性への影響(I)
可用性への影響(A)
Get all privileges. いいえ
Get user privileges いいえ
Get other privileges いいえ
User operation required はい
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:a:realnetworks:helix_player:10.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:10.0.6:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:10.0.7:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:10.0.8:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:10.5-gold:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List