Debian Security Advisory DSA 913-1 - An integer overflow has been discovered in helix-player, the helix audio and video player. This flaw could allow a remote attacker to run arbitrary code on a victims computer by supplying a specially crafted network resource.
e179e51f3e9797508dd52404da38fedbe35d0ebe8081da2653062dcb8be36066eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite stack memory with arbitrary data and execute arbitrary code in the context of the user who executed the player. This specific flaw exists in the first data packet contained in a Real Media file. By specially crafting a malformed .rm movie file, a direct stack overwrite is triggered, and reliable code execution is then possible. Systems Affected include Windows: RealPlayer 10.5 (6.0.12.1040-1235), RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, RealPlayer Enterprise, Mac: RealPlayer 10, Linux: RealPlayer 10 (10.0.0 - 5), Helix Player (10.0.0 - 5).
388915a016f8b5eefe252bbe9e9418bed2477734934e7969d49035046f7b6823
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed