Unrated severityNVD Advisory· Published Apr 2, 2003· Updated Apr 16, 2026

CVE-2003-0141

Description

The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.

Affected products

RealNetworks/Realone Enterprise Desktop
cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*
RealNetworks/Realone Player8 versions
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:9.0.0.288:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:9.0.0.297:*:*:*:*:*:*:*
RealNetworks/Realplayer
cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.coresecurity.com/common/showdoc.phpnvdPatchVendor Advisory
www.securityfocus.com/bid/7177nvdPatchVendor Advisory
www.kb.cert.org/vuls/id/705761nvdThird Party AdvisoryUS Government Resource
archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.htmlnvd
marc.infonvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000