CVE-2008-1309 - OpenCVE

The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Realnetworks	Realplayer

Configuration 1 [-]

OR	cpe:2.3:a:realnetworks:realplayer:::enterprise:::::*
	cpe:2.3:a:realnetworks:realplayer:10.0:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5:::::::*
	cpe:2.3:a:realnetworks:realplayer:11:::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html
http://secunia.com/advisories/29315
http://service.real.com/realplayer/security/07252008_player/en/
http://www.kb.cert.org/vuls/id/831457
http://www.securityfocus.com/archive/1/494779/100/0/threaded
http://www.securityfocus.com/bid/28157
http://www.securitytracker.com/id?1019576
http://www.securitytracker.com/id?1020563
http://www.vupen.com/english/advisories/2008/0842
http://www.vupen.com/english/advisories/2008/2194/references
http://www.zerodayinitiative.com/advisories/ZDI-08-047/
https://exchange.xforce.ibmcloud.com/vulnerabilities/41087
https://www.exploit-db.com/exploits/5332

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-03-12T17:00:00

Updated: 2024-08-07T08:17:33.628Z

Reserved: 2008-03-12T00:00:00

Link: CVE-2008-1309

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-03-12T17:44:00.000

Modified: 2018-10-11T20:31:40.120

Link: CVE-2008-1309

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-10T00:00:00", "descriptions": [{"lang": "en", "value": "The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "realplayer-realaudioobjects-code-execution(41087)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41087"}, {"name": "ADV-2008-2194", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2194/references"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://service.real.com/realplayer/security/07252008_player/en/"}, {"name": "29315", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29315"}, {"name": "20080310 Real Networks RealPlayer ActiveX Control Heap Corruption", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html"}, {"name": "1019576", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019576"}, {"name": "5332", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5332"}, {"name": "ADV-2008-0842", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0842"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-047/"}, {"name": "VU#831457", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/831457"}, {"name": "20080725 ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/494779/100/0/threaded"}, {"name": "1020563", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020563"}, {"name": "28157", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28157"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1309", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "realplayer-realaudioobjects-code-execution(41087)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41087"}, {"name": "ADV-2008-2194", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2194/references"}, {"name": "http://service.real.com/realplayer/security/07252008_player/en/", "refsource": "CONFIRM", "url": "http://service.real.com/realplayer/security/07252008_player/en/"}, {"name": "29315", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29315"}, {"name": "20080310 Real Networks RealPlayer ActiveX Control Heap Corruption", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html"}, {"name": "1019576", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019576"}, {"name": "5332", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5332"}, {"name": "ADV-2008-0842", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0842"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-047/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-047/"}, {"name": "VU#831457", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/831457"}, {"name": "20080725 ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/494779/100/0/threaded"}, {"name": "1020563", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020563"}, {"name": "28157", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28157"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:17:33.628Z"}, "title": "CVE Program Container", "references": [{"name": "realplayer-realaudioobjects-code-execution(41087)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41087"}, {"name": "ADV-2008-2194", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2194/references"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://service.real.com/realplayer/security/07252008_player/en/"}, {"name": "29315", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29315"}, {"name": "20080310 Real Networks RealPlayer ActiveX Control Heap Corruption", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html"}, {"name": "1019576", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019576"}, {"name": "5332", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/5332"}, {"name": "ADV-2008-0842", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0842"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-047/"}, {"name": "VU#831457", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/831457"}, {"name": "20080725 ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/494779/100/0/threaded"}, {"name": "1020563", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020563"}, {"name": "28157", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28157"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1309", "datePublished": "2008-03-12T17:00:00", "dateReserved": "2008-03-12T00:00:00", "dateUpdated": "2024-08-07T08:17:33.628Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*", "matchCriteriaId": "19BC5A59-BCBD-4859-8329-B4974D43DB90", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD49D16C-B0AC-4228-9984-010661596232", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "348F3214-E5C2-4D39-916F-1B0263D13F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:11:*:*:*:*:*:*:*", "matchCriteriaId": "72A94395-4F1A-4310-85A8-F46A76EE3A12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory."}, {"lang": "es", "value": "El control de ActiveX RealAudioObjects.RealAudio en rmoc3260.dll en RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 en versiones anteriores a build 6.0.12.1675 y RealPlayer 11 en versiones anteriores a 11.0.3 build 6.0.14.806 no gestiona adecuadamente la memoria para la propiedad (1) Console o (2) Controls, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (ca\u00edda del navegador) a trav\u00e9s de una serie de asignaciones de valores de cadena larga, lo que desencadena una sobrescritura de la memoria din\u00e1mica liberada."}], "id": "CVE-2008-1309", "lastModified": "2018-10-11T20:31:40.120", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-03-12T17:44:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29315"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://service.real.com/realplayer/security/07252008_player/en/"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/831457"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/494779/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28157"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019576"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020563"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0842"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2194/references"}, {"source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-047/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41087"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/5332"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect versions of RealPlayer as shipped with Red Hat Enterprise Linux 3 Extras, 4 Extras, or 5 Supplementary.", "lastModified": "2008-03-18T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}