Test ID:	1.3.6.1.4.1.25623.1.0.55563
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2005:059 (RealPlayer)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory SUSE-SA:2005:059. The following security issue in RealPlayer was fixed: - A format string bug in the RealPix (.rp) file format parser (CVE-2005-2710). This bug allowed remote attackers to execute arbitrary code by supplying a specially crafted file, e.g via Web page or E-Mail. Note that we no longer support RealPlayer on the following distributions for some time now: - SUSE Linux 9.1 - SUSE Linux 9.0 - SUSE Linux Desktop 1.0 On these distributions, please deinstall RealPlayer by running as root: rpm -e RealPlayer Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:059 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2710 Bugtraq: 20050926 RealPlayer && HelixPlayer Remote Format String Exploit (Google Search) http://marc.info/?l=bugtraq&m=112785544325326&w=2 CERT/CC vulnerability note: VU#361181 http://www.kb.cert.org/vuls/id/361181 Debian Security Information: DSA-826 (Google Search) http://www.debian.org/security/2005/dsa-826 http://marc.info/?l=full-disclosure&m=112775929608219&w=2 http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities http://www.open-security.org/advisories/13 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015 http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html http://secunia.com/advisories/16954 http://secunia.com/advisories/16961 http://secunia.com/advisories/16981 http://secunia.com/advisories/17116 http://secunia.com/advisories/17127 http://securityreason.com/securityalert/27 http://securityreason.com/securityalert/41 SuSE Security Announcement: SUSE-SA:2005:059 (Google Search) http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.