Unrated severityNVD Advisory· Published Jan 25, 2010· Updated Jun 16, 2026
CVE-2009-4247
CVE-2009-4247
Description
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:realnetworks:helix_player:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_player:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_player:11.0.1:*:*:*:*:*:*:*
- (no CPE)range: 10.x, 11.0.0, 11.0.1
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_enterprise:*:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
- (no CPE)range: 10, 10.5 (6.0.12.1040-6.0.12.1741), 11 (11.0.x), SP (1.0.0-1.0.1), Enterprise, Mac (10,10.1,11.0,11.0.1), Linux (10,11.0.0,11.0.1)
Patches
Vulnerability mechanics
References
13- securitytracker.com/idnvdPatch
- service.real.com/realplayer/security/01192010_player/en/nvdPatchVendor Advisory
- www.vupen.com/english/advisories/2010/0178nvdPatchVendor Advisory
- secunia.com/advisories/38218nvdVendor Advisory
- secunia.com/advisories/38450nvdVendor Advisory
- lists.helixcommunity.org/pipermail/helix-client-dev/2009-August/008092.htmlnvd
- lists.helixcommunity.org/pipermail/protocol-cvs/2009-August/001943.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0094.htmlnvd
- www.securityfocus.com/bid/37880nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/55802nvd
- helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cppnvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10677nvd
News mentions
0No linked articles in our index yet.