Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | RealPlayer Buffer Overflow in Processing SMIL File Screen-Size Attribute Lets Remote Users Execute Arbitrary Code |
|---|
Categorie: Vulnerability
Posted: 2005-03-03 by ReCall
Views: 544
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: iDEFENSE reported a vulnerability in RealPlayer in the processing of SMIL files. A remote user can cause arbitrary code to be executed.
A remote user can create a specially crafted Synchronized Multimedia Integration Language (smil) file to trigger a buffer overflow in the player's SMIL parser.
The vulnerability resides in 'datatype/smil/renderer/smil1/smlparse.cpp' in the processing of the screen size attribute. A valid SMIL file with the following type of line can trigger the flaw [where 'LONGSTRING' is more than 256 bytes]:
<text src="1024_768.en.txt" region="size" system-screen-size="LONGSTRINGX768">
The following Windows versions are affected:
RealPlayer 10.5 (6.0.12.1040-1056), RealPlayer 10, RealOne Player v2 (6.0.11.853 - 872), RealOne Player v2 (6.0.11.818 - 840), RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise.
The following Mac versions are affected: Mac RealPlayer 10 (10.0.0.305 - 325) and Mac RealOne Player.
The following Linux versions are affected: Linux RealPlayer 10 and Helix Player.
The vendor was notified on January 14, 2005.
The original advisory is available at:
http://www.idefense.com/application/poi/display?id=209&type=vulnerabilities
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code with the privileges of the target users.
Solution: The vendor has issued a fixed version (6.0.12.1059 for Windows, 10.0.0.331 for Mac), as well as updates for some previous versions. See the vendor's advisory for a patch matrix:
http://service.real.com/help/faq/security/050224_player/EN/
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1402
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
