CVE-2007-5601
Last modified
CVE-2007-5601 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.. EPSS estimates a 42.37% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Realnetworks | Realplayer | 10.0 |
| Realnetworks | Realplayer | 10.5 |
| Realnetworks | Realplayer | 11_beta |
References
- http://secunia.com/advisories/27248Vendor Advisory
- http://www.kb.cert.org/vuls/id/871673US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA07-297A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/3548Vendor Advisory
- http://secunia.com/advisories/27248Vendor Advisory
- http://www.kb.cert.org/vuls/id/871673US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA07-297A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/3548Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-5601?
How severe is CVE-2007-5601?
How do I fix CVE-2007-5601?
Are you affected by CVE-2007-5601?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST