|
|
CVE Reference: CVE-2007-5601 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-5601 |
|
|
Description: Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/37280 ST 1018843 SAID Secunia Advisory: SA27248 MISC http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html http://www.infosecblog.org/2007/10/nasa-bans-ie.html CONFIRM http://service.real.com/realplayer/security/191007_player/en/ CERT-VN 871673 CERT http://www.us-cert.gov/cas/techalerts/TA07-297A.html BID 26130 |
|
| Return to the previous page. |
