{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2010-2216", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/2216"}, {"name": "41096", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/41096"}, {"name": "realplayer-parseknowntype-code-exec(61423)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61423"}, {"name": "oval:org.mitre.oval:def:6651", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651"}, {"name": "20100826 ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/513383/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://service.real.com/realplayer/security/08262010_player/en/"}, {"name": "1024370", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024370"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-167"}, {"name": "41154", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/41154"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3000", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2010-2216", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2216"}, {"name": "41096", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41096"}, {"name": "realplayer-parseknowntype-code-exec(61423)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61423"}, {"name": "oval:org.mitre.oval:def:6651", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651"}, {"name": "20100826 ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/513383/100/0/threaded"}, {"name": "http://service.real.com/realplayer/security/08262010_player/en/", "refsource": "CONFIRM", "url": "http://service.real.com/realplayer/security/08262010_player/en/"}, {"name": "1024370", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024370"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-167", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-167"}, {"name": "41154", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41154"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:55:46.403Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2010-2216", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/2216"}, {"name": "41096", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/41096"}, {"name": "realplayer-parseknowntype-code-exec(61423)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61423"}, {"name": "oval:org.mitre.oval:def:6651", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651"}, {"name": "20100826 ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/513383/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://service.real.com/realplayer/security/08262010_player/en/"}, {"name": "1024370", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024370"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-167"}, {"name": "41154", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/41154"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3000", "datePublished": "2010-08-30T19:00:00.000Z", "dateReserved": "2010-08-13T00:00:00.000Z", "dateUpdated": "2024-08-07T02:55:46.403Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8985B3B-BCC9-431D-9788-0C1949DF46E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "D03738C3-D659-488D-B285-64A496C0F1FB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BFD9C4F-E93B-4BCE-A5E2-A20945EB8534", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5BBEBAA2-4892-4F9E-8C0E-94CA90DCD28D", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "53D7AE43-A3AC-4B38-B0A3-E6F02834224F", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "59FEDCDF-9FBF-4D08-A50F-FF92763DFC21", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54A11B3A-547C-4F2F-A58E-DE06DBBE8115", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7243D80-913D-405C-9988-B8473DB1A5DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4C6D399-FF31-441D-A363-BD53CFE5569A", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9818A6FB-2CF5-4236-8EFE-95458D603CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "73CC0582-D889-4907-A32E-218AC2B0591F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de entero en la funci\u00f3n ParseKnownType de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows. Permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de datos (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY o (2) HX_FLV_META_AMF_TYPE_ARRAY modificados en un fichero FLV."}], "id": "CVE-2010-3000", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-08-30T20:00:02.640", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/41096"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/41154"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://service.real.com/realplayer/security/08262010_player/en/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/513383/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1024370"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/2216"}, {"source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-167"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61423"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41154"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://service.real.com/realplayer/security/08262010_player/en/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/513383/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024370"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2216"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61423"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6651"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}