CVE-2010-0416

Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:realplayer:*:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.6:*:linux:*:*:*:*:*

Information

Published : 2010-02-18 15:30

Updated : 2017-09-18 18:30


NVD link : CVE-2010-0416

Mitre link : CVE-2010-0416


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

realnetworks

  • helix_player
  • realplayer