Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-4257
Description:Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.
Test IDs: 1.3.6.1.4.1.25623.1.0.902109  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4257
BugTraq ID: 37880
http://www.securityfocus.com/bid/37880
Bugtraq: 20100121 ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/509105/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-007/
http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11110
RedHat Security Advisories: RHSA-2010:0094
http://www.redhat.com/support/errata/RHSA-2010-0094.html
http://securitytracker.com/id?1023489
http://secunia.com/advisories/38218
http://secunia.com/advisories/38450
http://www.vupen.com/english/advisories/2010/0178
XForce ISS Database: realnetworks-realplayer-smil-bo(55798)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55798




© 1998-2024 E-Soft Inc. All rights reserved.