exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-212
Posted Oct 16, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-212 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must open a malicious website or media file. The specific flaw exists within the code responsible for parsing Name Value Property (NVP) elements from within logical streams in a RealPlayer media file. Specifically, a function within the rjrmrpln.dll file allocates a buffer on the heap which can be directly influenced from data within the file. This buffer is then written to using another value defined in the file and thus also controlled. By crafting a malicious media file an attacker can abuse this to execute arbitrary code under the context of the user running the player.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3750
MD5 | d4a5787af885913ccaf68effed777ae9
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Mozilla Patches 24 Firefox Vulnerabilities
Posted May 23, 2019

tags | headline, flaw, patch, mozilla, firefox
Millions Of Golfers Land In Privacy Hazard After Cloud Misconfig
Posted May 22, 2019

tags | headline, privacy, data loss
Team Viewer Hit By Chinese Hackers In 2016
Posted May 22, 2019

tags | headline, hacker, privacy, china, data loss
Huawei Faces Break With UK Chip Giant ARM
Posted May 22, 2019

tags | headline, government, china, spyware, backdoor
Google G Suite Glitch Left Some Passwords Stored In Plain Text For 14 Years
Posted May 22, 2019

tags | headline, flaw, google, password
Unsecure Chtrbox AWS Database Exposes Data On 49 Million Instagram Influencers, Accounts
Posted May 21, 2019

tags | headline, privacy, amazon, data loss, facebook
Huawei's Microchip Vulnerability Explained
Posted May 21, 2019

tags | headline, government, usa, china, flaw, cyberwar, spyware
Linux Variant Of Winnti Malware Spotted In Wild
Posted May 21, 2019

tags | headline, malware, linux
Baltimore Ransomware Nightmare Could Last Weeks More
Posted May 21, 2019

tags | headline, government, usa, cybercrime, fraud, cryptography
Trump's U.S. Golf Association Account Got Hacked
Posted May 20, 2019

tags | headline, hacker, government, usa
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close