Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68558
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0981
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0981.

Helix Player is a media player.

Multiple security flaws were discovered in RealPlayer. Helix Player and
RealPlayer share a common source code base
therefore, some of the flaws
discovered in RealPlayer may also affect Helix Player. Some of these flaws
could, when opening, viewing, or playing a malicious media file or stream,
lead to arbitrary code execution with the privileges of the user running
Helix Player. (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379,
CVE-2010-4382, CVE-2010-4383, CVE-2010-4384, CVE-2010-4385, CVE-2010-4386,
CVE-2010-4392)

The Red Hat Security Response Team is unable to properly determine the
impact or fix all of these issues in Helix Player, due to the source code
for RealPlayer being unavailable.

Due to the security concerns this update removes the HelixPlayer package
from Red Hat Enterprise Linux 4. Users wishing to continue to use Helix
Player should download it directly from https://player.helixcommunity.org/

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0981.html

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-2997
http://www.zerodayinitiative.com/advisories/ZDI-10-270
http://www.redhat.com/support/errata/RHSA-2010-0981.html
http://www.securitytracker.com/id?1024861
Common Vulnerability Exposure (CVE) ID: CVE-2010-4375
http://www.zerodayinitiative.com/advisories/ZDI-10-266
Common Vulnerability Exposure (CVE) ID: CVE-2010-4378
http://www.zerodayinitiative.com/advisories/ZDI-10-274
Common Vulnerability Exposure (CVE) ID: CVE-2010-4379
Common Vulnerability Exposure (CVE) ID: CVE-2010-4382
Common Vulnerability Exposure (CVE) ID: CVE-2010-4383
Common Vulnerability Exposure (CVE) ID: CVE-2010-4384
http://www.zerodayinitiative.com/advisories/ZDI-10-268
Common Vulnerability Exposure (CVE) ID: CVE-2010-4385
Common Vulnerability Exposure (CVE) ID: CVE-2010-4386
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=883
Common Vulnerability Exposure (CVE) ID: CVE-2010-4392
http://www.zerodayinitiative.com/advisories/ZDI-10-280
http://osvdb.org/69852
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.