Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2710

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-2710
Last Modified 07 Mar 2011 09:24:55
Published 27 Sep 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2710

Summary

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

Vulnerable Systems

Application

  • Realnetworks Helix Player

  • Realnetworks Realplayer 10.0


References

CERT-VN - VU#361181

REDHAT - RHSA-2005:788

MISC - http://www.open-security.org/advisories/13

IDEFENSE - 20050930 RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability

GENTOO - GLSA-200510-07

DEBIAN - DSA-826

FULLDISC - 20050926 RealPlayer && HelixPlayer Remote Format String

BUGTRAQ - 20050926 RealPlayer && HelixPlayer Remote Format String Exploit

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078

REDHAT - RHSA-2005:762

SUSE - SUSE-SA:2005:059

SREASON - 41

SREASON - 27

SECUNIA - 17127

SECUNIA - 17116

SECUNIA - 16981

SECUNIA - 16961

SECUNIA - 16954


Last Updated: 27 May 2016 10:40:37