ID CVE-2008-3064
Summary Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." RealPlayer has indicated that a version exists called "enterprise." Link: http://service.real.com/realplayer/security/07252008_player/en/
References
Vulnerable Configurations
  • cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 30378
bugtraq 20080730 RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability
confirm http://service.real.com/realplayer/security/07252008_player/en/
sectrack 1020564
vupen ADV-2008-2194
xf realplayer-resourcereference-unspecified(44014)
statements via4
contributor Joshua Bressers
lastmodified 2008-07-31
organization Red Hat
statement According to RealNetworks this flaw does not affect the Linux version of RealPlayer.
Last major update 30-10-2018 - 16:25
Published 28-07-2008 - 17:41
Back to Top