|
|
CVE Reference: CVE-2006-0323 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0323 |
|
|
Description: Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a a size value that is less than the actual size, or (2) other unspecified manipulations. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25408 SUSE http://www.novell.com/linux/security/advisories/2006_18_realplayer.html ST 1015806 SREASON http://securityreason.com/securityalert/690 SAID Secunia Advisory: SA19365 Secunia Advisory: SA19358 Secunia Advisory: SA19390 Secunia Advisory: SA19362 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0257.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml CONFIRM http://www.service.real.com/realplayer/security/03162006_player/en/ CERT-VN 231028 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/430621/100/0/threaded BID 17202 |
|
| Return to the previous page. |
