CVE-2006-1370 - Vulnerability Details - OpenCVE

Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Realnetworks	Realone Player Realplayer

Configuration 1 [-]

OR	cpe:2.3:a:realnetworks:realone_player:1.0:::::::*
	cpe:2.3:a:realnetworks:realone_player:2.0:::::::*
	cpe:2.3:a:realnetworks:realplayer:::enterprise:::::*
	cpe:2.3:a:realnetworks:realplayer:8.0:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.0:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:::::::*
	cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1348:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/19358
http://securitytracker.com/id?1015810
http://www.kb.cert.org/vuls/id/451556
http://www.securityfocus.com/bid/17202
http://www.service.real.com/realplayer/security/03162006_player/en/
http://www.vupen.com/english/advisories/2006/1057
https://exchange.xforce.ibmcloud.com/vulnerabilities/25411

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-03-23T23:00:00

Updated: 2024-08-07T17:12:20.812Z

Reserved: 2006-03-23T00:00:00

Link: CVE-2006-1370

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-03-23T23:06:00.000

Modified: 2024-11-21T00:08:41.657

Link: CVE-2006-1370

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-03-22T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"}, {"name": "realnetworks-mbc-bo(25411)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25411"}, {"name": "19358", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19358"}, {"name": "ADV-2006-1057", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1057"}, {"name": "17202", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17202"}, {"name": "VU#451556", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/451556"}, {"name": "1015810", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015810"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-1370", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.service.real.com/realplayer/security/03162006_player/en/", "refsource": "CONFIRM", "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"}, {"name": "realnetworks-mbc-bo(25411)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25411"}, {"name": "19358", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19358"}, {"name": "ADV-2006-1057", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1057"}, {"name": "17202", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17202"}, {"name": "VU#451556", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/451556"}, {"name": "1015810", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015810"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:12:20.812Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"}, {"name": "realnetworks-mbc-bo(25411)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25411"}, {"name": "19358", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19358"}, {"name": "ADV-2006-1057", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1057"}, {"name": "17202", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17202"}, {"name": "VU#451556", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/451556"}, {"name": "1015810", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015810"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1370", "datePublished": "2006-03-23T23:00:00", "dateReserved": "2006-03-23T00:00:00", "dateUpdated": "2024-08-07T17:12:20.812Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E940DAB-0CD5-4EC0-916F-6C0B2AE26D19", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CF6535A6-6647-4E60-B5AA-24DFC06360AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*", "matchCriteriaId": "19BC5A59-BCBD-4859-8329-B4974D43DB90", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E6051B4-1B15-44C0-B2CD-5504E68C60F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD49D16C-B0AC-4228-9984-010661596232", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*", "matchCriteriaId": "91278EFD-0285-4389-9C53-50FE225C3C19", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*", "matchCriteriaId": "336246FA-A06F-4792-9923-E6948F3494FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*", "matchCriteriaId": "06C7BF07-8B9A-4BDF-BEA9-C55ABDEA8165", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*", "matchCriteriaId": "CEC15988-96A0-4EBE-BF99-14D46F5A9553", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*", "matchCriteriaId": "41F65BDA-393F-4274-B193-B578255DB013", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*", "matchCriteriaId": "8D4CADDC-84D2-45D9-99BA-A662D7490154", "vulnerable": true}, {"criteria": "cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1348:*:*:*:*:*:*:*", "matchCriteriaId": "BB407A17-771F-4F46-A5F9-2458358C47AA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file."}], "evaluatorSolution": "This vulnerability affects all versions of RealNetworks, RealPlayer from 10.5 v6.0.12.1040 through 10.5 v6.0.12.1348.", "id": "CVE-2006-1370", "lastModified": "2024-11-21T00:08:41.657", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-03-23T23:06:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19358"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015810"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/451556"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/17202"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/1057"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19358"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015810"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/451556"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17202"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.service.real.com/realplayer/security/03162006_player/en/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25411"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}