FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

linux-realplayer -- RealText parsing heap overflow

Affected packages
linux-realplayer <= 10.0.4_1

Details

VuXML ID 95ee96f2-e488-11d9-bf22-080020c11455
Discovery 2005-06-23
Entry 2005-06-24

An iDEFENSE Security Advisory reports:

Remote exploitation of a heap-based buffer overflow vulnerability in the RealText file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code.

References

CVE Name CVE-2005-1277
URL http://service.real.com/help/faq/security/050623_player/EN/
URL http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities&flashstatus=false