2010-10-20

Real RealPlayer, Real RealPlayer Enterprise, Real RealPlayer SP

ソフト名:Real RealPlayer 11.0~11.1, Real RealPlayer 2.1.2 Enterprise, Real RealPlayer SP 1.0.0~1.1.4
回避策:アップデートにて対応
脆弱性:リモートコード実行, ヒープオーバーフロー, スタックオーバーフロー
ソース:
http://service.real.com/realplayer/security/10152010_player/en/
http://www.zerodayinitiative.com/advisories/ZDI-10-209/
http://www.zerodayinitiative.com/advisories/ZDI-10-210/
http://www.zerodayinitiative.com/advisories/ZDI-10-211/
http://www.zerodayinitiative.com/advisories/ZDI-10-212/
http://www.zerodayinitiative.com/advisories/ZDI-10-213/
http://www.securityfocus.com/bid/44144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3750
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3751
http://secunia.com/advisories/41096
http://secunia.com/advisories/41743
http://www.vupen.com/english/advisories/2010/2698
CVE:CVE-2010-2578, CVE-2010-2998, CVE-2010-3747, CVE-2010-3748, CVE-2010-3749, CVE-2010-3750, CVE-2010-3751
危険性:High Risk

0 件のコメント:

コメントを投稿