Test Kennung:	1.3.6.1.4.1.25623.1.0.60115
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: linux-realplayer
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: linux-realplayer CVE-2007-5081 Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5, RealOne Player 1 and 2, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. CVE-2007-3410 Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. CVE-2007-2263 Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers. CVE-2007-2264 Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5, RealOne Player 1 and 2, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5081 BugTraq ID: 26214 http://www.securityfocus.com/bid/26214 http://osvdb.org/38340 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625 http://securitytracker.com/id?1018866 http://secunia.com/advisories/27361 http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.vupen.com/english/advisories/2007/3628 XForce ISS Database: realplayer-rm-bo(37435) https://exchange.xforce.ibmcloud.com/vulnerabilities/37435 Common Vulnerability Exposure (CVE) ID: CVE-2007-3410 BugTraq ID: 24658 http://www.securityfocus.com/bid/24658 CERT/CC vulnerability note: VU#770904 http://www.kb.cert.org/vuls/id/770904 http://security.gentoo.org/glsa/glsa-200709-05.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 http://osvdb.org/37374 http://osvdb.org/38342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554 http://www.redhat.com/support/errata/RHSA-2007-0605.html http://www.redhat.com/support/errata/RHSA-2007-0841.html http://securitytracker.com/id?1018297 http://securitytracker.com/id?1018299 http://secunia.com/advisories/25819 http://secunia.com/advisories/25859 http://secunia.com/advisories/26463 http://secunia.com/advisories/26828 http://www.vupen.com/english/advisories/2007/2339 XForce ISS Database: realplayer-smiltime-wallclockvalue-bo(35088) https://exchange.xforce.ibmcloud.com/vulnerabilities/35088 Common Vulnerability Exposure (CVE) ID: CVE-2007-2263 BugTraq ID: 26284 http://www.securityfocus.com/bid/26284 Bugtraq: 20071031 ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/483110/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-07-061.html http://osvdb.org/38344 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11432 http://www.securitytracker.com/id?1018866 XForce ISS Database: realplayer-swf-bo(37436) https://exchange.xforce.ibmcloud.com/vulnerabilities/37436 Common Vulnerability Exposure (CVE) ID: CVE-2007-2264 Bugtraq: 20071031 ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/483113/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-07-063.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9100 XForce ISS Database: realplayer-ram-bo(37437) https://exchange.xforce.ibmcloud.com/vulnerabilities/37437
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.