CVE-2010-3001

Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows."

Published: Aug 30, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3001
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
realnetworks / realplayer	11.0	11.0.x
realnetworks / realplayer	11.1	11.1.x
realnetworks / realplayer_sp	1.0.0	1.0.0.x
realnetworks / realplayer_sp	1.0.1	1.0.1.x
realnetworks / realplayer_sp	1.0.2	1.0.2.x
realnetworks / realplayer_sp	1.0.5	1.0.5.x
realnetworks / realplayer_sp	1.1	1.1.x
realnetworks / realplayer_sp	1.1.1	1.1.1.x
realnetworks / realplayer_sp	1.1.2	1.1.2.x
realnetworks / realplayer_sp	1.1.3	1.1.3.x
realnetworks / realplayer_sp	1.1.4	1.1.4.x

http://secunia.com/advisories/41096
http://secunia.com/advisories/41154
http://service.real.com/realplayer/security/08262010_player/en/
http://www.securitytracker.com/id?1024370
http://www.vupen.com/english/advisories/2010/2216
https://exchange.xforce.ibmcloud.com/vulnerabilities/61424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7507

Vulnerability Database

CVE-2010-3001