← back
CVE-2010-4394

CVE-2010-4394

EPSS 3.6%
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a RealPix file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/69853http://service.real.com/realplayer/security/12102010_player/en/http://www.securitytracker.com/id?1024861http://www.zerodayinitiative.com/advisories/ZDI-10-282