Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0755

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-0755
Last Modified 07 Mar 2011 09:20:32
Published 19 Apr 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-0755

Summary

Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.

Vulnerable Systems

Application

  • Realnetworks Helix Player 10.0.3

  • Realnetworks Realone Player 1.0

  • Realnetworks Realone Player 2.0

  • Realnetworks Realplayer 10.0

  • Realnetworks Realplayer 10.0 6.0.12.690

  • Realnetworks Realplayer 10.0 Beta

  • Realnetworks Realplayer 8.0


References

REDHAT - RHSA-2005:392

REDHAT - RHSA-2005:363

FEDORA - FEDORA-2005-329

CONFIRM - http://service.real.com/help/faq/security/050419_player/EN/

MISC - http://pb.specialised.info/all/adv/real-ram-adv.txt

BUGTRAQ - 20050420 RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow

REDHAT - RHSA-2005:394


Last Updated: 27 May 2016 10:39:55