Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: [SA19358] RealNetworks Products Multiple Buffer Overflow Vulnerabilities



> 
> 
> TITLE:
> RealNetworks Products Multiple Buffer Overflow Vulnerabilities
> 
> SECUNIA ADVISORY ID:
> SA19358
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/19358/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> System access
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Rhapsody 3
> http://secunia.com/product/5287/
> RealPlayer Enterprise 1.x
> http://secunia.com/product/3342/
> RealPlayer 8
> http://secunia.com/product/665/
> RealPlayer 10.x
> http://secunia.com/product/2968/
> RealOne Player v2
> http://secunia.com/product/2378/
> RealOne Player v1
> http://secunia.com/product/666/
> Helix Player 1.x
> http://secunia.com/product/3970/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in various RealNetworks
> products, which can be exploited by malicious people to compromise a
> user's system.
> 
> 1) A boundary error when processing SWF files can be exploited to
> cause a buffer overflow. This may allow execution of arbitrary code
> on the user's system.
> 
> 2) A boundary error within the handling of web pages can be exploited
> via a specially crafted web page on a malicious server to cause a
> heap-based buffer overflow. This may allow execution of arbitrary
> code on the user's system.
> 
> 3) A boundary error in the processing of MBC files can be exploited
> to cause a buffer overflow. This may allow execution of arbitrary
> code on the user's system.
> 
> A weakness when executing other programs is caused due to incorrect
> use of the "CreateProcess()" API. This may allow execution of an
> arbitrary program on the system, if this can be placed in the program
> path.
> 
> The following products are affected by one or more of the
> vulnerabilities:
> * RealPlayer 10.5 (6.0.12.1040-1348)
> * RealPlayer 10
> * RealOne Player v2
> * RealOne Player v1
> * RealPlayer 8
> * RealPlayer Enterprise
> * Rhapsody 3 (build 0.815 – 1.0.269)
> * Mac RealPlayer 10 (10.0.0.305 - 331)
> * Mac RealOne Player
> * Linux RealPlayer 10 (10.0.6)
> * Helix Player (10.0.6)
> * Linux RealPlayer 10 (10.0.0 - 5)
> * Helix Player (10.0.0 - 5)
> 
> SOLUTION:
> See patch matrix in vendor advisory for details.
> 
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits the following people:
> * John Heasman, NGS Software.
> * Greg MacManus, iDEFENSE Labs.
> * Sowhat
> 
> ORIGINAL ADVISORY:
> RealNetworks:
> http://service.real.com/realplayer/security/03162006_player/en/
> http://service.real.com/realplayer/security/security/enterprise_031606.html
> http://service.real.com/help/faq/security/security111605.html
> 
> iDEFENSE:
> http://www.idefense.com/intelligence/vulnerabilities/display.php?id=340
> 
> 



 




Copyright © Lexa Software, 1996-2009.