CVE-2003-0141

Name: CVE-2003-0141
Creator: NVD / NIST
Published: 2003-04-02T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.96%

Last modified Jun 16, 2026

CVE-2003-0141 is a vulnerability of currently unknown severity. The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.. EPSS estimates a 2.96% chance of exploitation in the next 30 days.

Description

The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.

Metrics

EPSS Probability

2.96%

85.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Realnetworks	Realone Enterprise Desktop	6.0.11.774	—
Realnetworks	Realone Player	2.0	—
Realnetworks	Realone Player	6.0.10.505	Gold
Realnetworks	Realone Player	6.0.11.818	—
Realnetworks	Realone Player	6.0.11.830	—
Realnetworks	Realone Player	6.0.11.841	—
Realnetworks	Realone Player	6.0.11.853	—
Realnetworks	Realone Player	9.0.0.288	—
Realnetworks	Realone Player	9.0.0.297	—
Realnetworks	Realplayer	8.0	—

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html
http://marc.info/?l=bugtraq&m=104887465427579&w=2
http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10Patch, Vendor Advisory
http://www.kb.cert.org/vuls/id/705761Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/7177Patch, Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html
http://marc.info/?l=bugtraq&m=104887465427579&w=2
http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10Patch, Vendor Advisory
http://www.kb.cert.org/vuls/id/705761Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/7177Patch, Vendor Advisory

Timeline

Published: Apr 2, 2003
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2003-0141?

How severe is CVE-2003-0141?

Severity scoring for CVE-2003-0141 is pending analysis. The EPSS model estimates a 2.96% probability of exploitation in the next 30 days.

How do I fix CVE-2003-0141?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2003-0141?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST