← Voltar para CVEs

CVE-2011-0694

N/A

Descricao

RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function.

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado2/21/2011

Ultima modificacao4/29/2026

Fontenvd

Avistamentos honeypot0

Produtos afetados

realnetworks:realplayerrealnetworks:realplayer_sp

Referencias

http://docs.real.com/docs/security/SecurityUpdate020811RPE.pdf(cve@mitre.org)

http://osvdb.org/70849(cve@mitre.org)

http://secunia.com/advisories/43268(cve@mitre.org)

http://securityreason.com/securityalert/8098(cve@mitre.org)

http://service.real.com/realplayer/security/02082011_player/en/(cve@mitre.org)

http://www.securityfocus.com/archive/1/516318/100/0/threaded(cve@mitre.org)

http://www.securitytracker.com/id?1025058(cve@mitre.org)

http://www.zerodayinitiative.com/advisories/ZDI-11-076(cve@mitre.org)

http://docs.real.com/docs/security/SecurityUpdate020811RPE.pdf(af854a3a-2127-422b-91ae-364da2661108)

http://osvdb.org/70849(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/43268(af854a3a-2127-422b-91ae-364da2661108)

http://securityreason.com/securityalert/8098(af854a3a-2127-422b-91ae-364da2661108)

http://service.real.com/realplayer/security/02082011_player/en/(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/516318/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1025058(af854a3a-2127-422b-91ae-364da2661108)

http://www.zerodayinitiative.com/advisories/ZDI-11-076(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.