CVE-2002-1014

Name: CVE-2002-1014
Creator: NVD / NIST
Published: 2002-10-04T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 8.10%

Last modified Jun 16, 2026

CVE-2002-1014 is a vulnerability of currently unknown severity. Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.. EPSS estimates a 8.10% chance of exploitation in the next 30 days.

Description

Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.

Metrics

EPSS Probability

8.10%

94.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Realnetworks	Realjukebox 2	1.0.2.340	—
Realnetworks	Realjukebox 2	1.0.2.379	—
Realnetworks	Realjukebox 2 Plus	1.0.2.340	—
Realnetworks	Realjukebox 2 Plus	1.0.2.379	—
Realnetworks	Realone Player	6.0.10.505	Gold

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html
http://service.real.com/help/faq/security/bufferoverrun07092002.html
http://www.iss.net/security_center/static/9538.phpVendor Advisory
http://www.kb.cert.org/vuls/id/843667US Government Resource
http://www.securityfocus.com/bid/5217Patch, Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html
http://service.real.com/help/faq/security/bufferoverrun07092002.html
http://www.iss.net/security_center/static/9538.phpVendor Advisory
http://www.kb.cert.org/vuls/id/843667US Government Resource
http://www.securityfocus.com/bid/5217Patch, Vendor Advisory

Timeline

Published: Oct 4, 2002
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2002-1014?

How severe is CVE-2002-1014?

Severity scoring for CVE-2002-1014 is pending analysis. The EPSS model estimates a 8.10% probability of exploitation in the next 30 days.

How do I fix CVE-2002-1014?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1014?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST