fkie_cve-2005-4126
Vulnerability from fkie_nvd
Published
2005-12-09 11:03
Modified
2024-11-21 00:03
Severity ?
Summary
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED.
References
cve@mitre.orghttp://www.eeye.com/html/research/upcoming/20051130.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/15691
af854a3a-2127-422b-91ae-364da2661108http://www.eeye.com/html/research/upcoming/20051130.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15691
Impacted products
Vendor Product Version
realnetworks realplayer 6.0
realnetworks realplayer 7.0
realnetworks realplayer 8.0
realnetworks realplayer 10.0
realnetworks realplayer 10.0_6.0.12.690
realnetworks realplayer 10.0_beta
realnetworks realplayer 10.5
realnetworks realplayer 10.5_6.0.12.1016_beta
realnetworks realplayer 10.5_6.0.12.1040
realnetworks realplayer 10.5_6.0.12.1053
realnetworks realplayer 10.5_6.0.12.1056
realnetworks realplayer 10.5_6.0.12.1059
realnetworks realplayer 10.5_6.0.12.1069
realnetworks realplayer 10.5_6.0.12.1235


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:6.0:*:win32:*:*:*:*:*",
              "matchCriteriaId": "65124AAD-0F80-4FBB-8A29-420C445E889C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:7.0:*:win32:*:*:*:*:*",
              "matchCriteriaId": "2F5492A8-E1B6-4ADF-B057-125ECD8B7FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:*",
              "matchCriteriaId": "003D7E29-9970-4984-9756-C070E15B7979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD49D16C-B0AC-4228-9984-010661596232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0_6.0.12.690:*:*:*:*:*:*:*",
              "matchCriteriaId": "01513F87-049E-46A9-A573-A7AF27EB30C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.0_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC43D9-C93E-4FB4-B05B-9FB519B03DCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "348F3214-E5C2-4D39-916F-1B0263D13F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1016_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "169753E3-949F-4B7D-9955-A52240CB8E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*",
              "matchCriteriaId": "91278EFD-0285-4389-9C53-50FE225C3C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*",
              "matchCriteriaId": "336246FA-A06F-4792-9923-E6948F3494FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C7BF07-8B9A-4BDF-BEA9-C55ABDEA8165",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC15988-96A0-4EBE-BF99-14D46F5A9553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F65BDA-393F-4274-B193-B578255DB013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4CADDC-84D2-45D9-99BA-A662D7490154",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "** UNVERIFIABLE, PRERELEASE **  NOTE: this issue describes a problem that can not be independently verified as of 20051208.  Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code.  NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information.  It has been posted by a reliable reporter with a prerelease disclosure policy.  This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board.  Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED."
    }
  ],
  "id": "CVE-2005-4126",
  "lastModified": "2024-11-21T00:03:30.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.eeye.com/html/research/upcoming/20051130.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.eeye.com/html/research/upcoming/20051130.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15691"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.