CVE-2008-1309

NONECVSS 0.0

0.0

The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory.

🔗 References (26)

cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html
cve@mitrehttp://secunia.com/advisories/29315
cve@mitrehttp://service.real.com/realplayer/security/07252008_player/en/
cve@mitrehttp://www.kb.cert.org/vuls/id/831457
cve@mitrehttp://www.securityfocus.com/archive/1/494779/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/28157
cve@mitrehttp://www.securitytracker.com/id?1019576
cve@mitrehttp://www.securitytracker.com/id?1020563
cve@mitrehttp://www.vupen.com/english/advisories/2008/0842
cve@mitrehttp://www.vupen.com/english/advisories/2008/2194/references
cve@mitrehttp://www.zerodayinitiative.com/advisories/ZDI-08-047/
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/41087
cve@mitrehttps://www.exploit-db.com/exploits/5332
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060659.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29315

Is Your Infrastructure Affected by CVE-2008-1309?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1309

📅 Published

🔄 Last Modified

🔗 References (26)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1309?