CVE-2010-0120 Information

Description

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.

Reference

http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://secunia.com/secunia_research/2010-8/ http://service.real.com/realplayer/security/08262010_player/en/ http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61422 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6807