Bug#358754: [CVE-2005-2922] Invalid chunk size heap overflow vulnerability

Florian Weimer Fri, 24 Mar 2006 02:38:16 -0800

Package: helix-player
Version: 1.0.6-3
Severity: grave
Tags: security

A new vulnerability in helix-player has been disclosed.

From: labs-no-reply <[EMAIL PROTECTED]>
Subject: [VulnWatch] iDefense Security Advisory 03.23.06: RealNetworks 
RealPlayer and
 Helix Player Invalid Chunk Size Heap Overflow Vulnerability
To: bugtraq@securityfocus.com, [EMAIL PROTECTED],
        full-disclosure@lists.grok.org.uk
Date: Thu, 23 Mar 2006 17:57:49 -0500
Message-ID: <[EMAIL PROTECTED]>

RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap
Overflow Vulnerability

iDefense Security Advisory 03.23.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=404
March 23, 2006

I. BACKGROUND

RealPlayer is an application for playing various media formats,
developed by RealNetworks Inc. For more information, visit
http://www.real.com/.

II. DESCRIPTION

Remote exploitation of a heap-based buffer overflow in RealNetwork Inc's
RealPlayer could allow the execution of arbitrary code in the context of
the currently logged in user.

[...]

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#358754: [CVE-2005-2922] Invalid chunk size heap overflow vulnerability

Reply via email to