CVE-2010-0117 Information

Description

RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations which might allow remote attackers to execute arbitrary code via crafted MP4 content.

Reference

http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://secunia.com/secunia_research/2010-5/ http://service.real.com/realplayer/security/08262010_player/en/ http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61421 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7169