VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jan 25, 2010· Updated Apr 29, 2026

CVE-2009-4245

CVE-2009-4245

Description

Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.

Affected products

18
  • RealNetworks/Realplayer12 versions
    cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.1:*:linux:*:*:*:*:*
  • RealNetworks/Realplayer Enterprise
    cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*
  • RealNetworks/Realplayer Sp2 versions
    cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
  • RealNetworks/Helix Player3 versions
    cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:11.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:11.0.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

15

News mentions

0

No linked articles in our index yet.