Home  >  CVE-2003-0141
CVE Details for CVE: CVE-2003-0141
Summary
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
Timestamps
Last major update 18-10-2016 - 02:30
Published 02-04-2003 - 05:00
Last modified 18-10-2016 - 02:30
References
Vulnerable Configurations
  • cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:9.0.0.288:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:9.0.0.288:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:9.0.0.297:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:9.0.0.297:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
NVD-CWE-Other
CVSS
Base
5.1
Impact
6.4
Exploitability
4.9
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
CVSS3
None
VIA4 references
cvss-vector via4
AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
bid 7177
bugtraq 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability
cert-vn VU#705761
misc http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10
vulnwatch 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability