Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | RealPlayer Buffer Overflow in Processing WAV File Attribute Lets Remote Users Execute Arbitrary Code |
|---|
Categorie: Vulnerability
Posted: 2005-03-03 by ReCall
Views: 397
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: A vulnerability was reported in RealPlayer in the processing of WAV files. A remote user can cause arbitrary code to be executed.
A remote user can create a specially crafted WAV file that, when loaded by the target user's RealPlayer, will trigger a buffer overflow and execute arbitrary code. The code will run with the privileges of the target user. No further details were provided.
The following Windows versions are affected:
RealPlayer 10.5 (6.0.12.1040-1056), RealPlayer 10, RealOne Player v2 (6.0.11.853 - 872), RealOne Player v2 (6.0.11.818 - 840), RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise.
The following Linux versions are affected: Linux RealPlayer 10 and Helix Player.
The Mac versions are not affected.
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code with the privileges of the target users.
Solution: The vendor has issued a fixed version (6.0.12.1059), as well as updates for some previous versions. See the vendor's advisory for a patch matrix:
http://service.real.com/help/faq/security/050224_player/EN/
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1403
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
