Heap-based Buffer Overflow in RealPlayer and HelixPlayer Allows Remote Code Execution via Crafted ImageMap Data

Heap-based Buffer Overflow in RealPlayer and HelixPlayer Allows Remote Code Execution via Crafted ImageMap Data

CVE-2010-4392 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap data in a RealMedia file, related to certain improper integer calculations.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.