Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2011-0694 |
Description: | RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0694 Bugtraq: 20110208 ZDI-11-076: RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516318/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-11-076 http://osvdb.org/70849 http://www.securitytracker.com/id?1025058 http://secunia.com/advisories/43268 http://securityreason.com/securityalert/8098 |