VDB
CVE-2005-2710
CVE-2005-2710
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.
EPSS 53.63% · 98.0th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
53.63%
98.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| realnetworks | helix_player | |
| realnetworks | realplayer | 10.0 |
| n/a | n/a | n/a |
Timeline
- Sep 27, 2005 CVE Published
- Jul 30, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 17127 third-party-advisory
- VU#361181 third-party-advisory
- GLSA-200510-07 vendor-advisory
- DSA-826 vendor-advisory
- 27 third-party-advisory
- 20050926 RealPlayer && HelixPlayer Remote Format String mailing-list
- 16961 third-party-advisory
- RHSA-2005:788 vendor-advisory
- 16981 third-party-advisory
- 17116 third-party-advisory
- 16954 third-party-advisory
- oval:org.mitre.oval:def:11015 vdb
- SUSE-SA:2005:059 vendor-advisory
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 url
- 20050930 RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability third-party-advisory
- http://www.open-security.org/advisories/13 url
- 41 third-party-advisory
- RHSA-2005:762 vendor-advisory
- 20050926 RealPlayer && HelixPlayer Remote Format String Exploit mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2005-2710 advisory