Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:523

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53095

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:523

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:523.

RealPlayer is a media player that provides solid media playback locally and
via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, Flash, SMIL
2.0, JPEG, GIF, PNG, RealPix, RealText, and more.

A buffer overflow bug was found in the way RealPlayer processes SMIL files.
An attacker could create a specially crafted SMIL file, which when combined
with a malicious Web server, could execute arbitrary code when opened by a
user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-1766 to this issue.

All users of RealPlayer are advised to upgrade to this updated package,
which contains RealPlayer version 10.0.5 and is not vulnerable to this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-523.html

Risk factor : High

CVSS Score:
5.1

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1766
16981
http://secunia.com/advisories/16981
20050623 RealNetworks RealPlayer RealText Parsing Heap Overflow Vulnerability
http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities&flashstatus=true
DSA-826
http://www.debian.org/security/2005/dsa-826
RHSA-2005:517
http://www.redhat.com/support/errata/RHSA-2005-517.html
RHSA-2005:523
http://www.redhat.com/support/errata/RHSA-2005-523.html
SUSE-SA:2005:037
http://www.novell.com/linux/security/advisories/2005_37_real_player.html
http://service.real.com/help/faq/security/050623_player/EN/
oval:org.mitre.oval:def:9509
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9509

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53095
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:523
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:523. RealPlayer is a media player that provides solid media playback locally and via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, Flash, SMIL 2.0, JPEG, GIF, PNG, RealPix, RealText, and more. A buffer overflow bug was found in the way RealPlayer processes SMIL files. An attacker could create a specially crafted SMIL file, which when combined with a malicious Web server, could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1766 to this issue. All users of RealPlayer are advised to upgrade to this updated package, which contains RealPlayer version 10.0.5 and is not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-523.html Risk factor : High CVSS Score: 5.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1766 16981 http://secunia.com/advisories/16981 20050623 RealNetworks RealPlayer RealText Parsing Heap Overflow Vulnerability http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities&flashstatus=true DSA-826 http://www.debian.org/security/2005/dsa-826 RHSA-2005:517 http://www.redhat.com/support/errata/RHSA-2005-517.html RHSA-2005:523 http://www.redhat.com/support/errata/RHSA-2005-523.html SUSE-SA:2005:037 http://www.novell.com/linux/security/advisories/2005_37_real_player.html http://service.real.com/help/faq/security/050623_player/EN/ oval:org.mitre.oval:def:9509 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9509
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com