 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.68558 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2010:0981 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory RHSA-2010:0981. Helix Player is a media player. Multiple security flaws were discovered in RealPlayer. Helix Player and RealPlayer share a common source code base therefore, some of the flaws discovered in RealPlayer may also affect Helix Player. Some of these flaws could, when opening, viewing, or playing a malicious media file or stream, lead to arbitrary code execution with the privileges of the user running Helix Player. (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4384, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392) The Red Hat Security Response Team is unable to properly determine the impact or fix all of these issues in Helix Player, due to the source code for RealPlayer being unavailable. Due to the security concerns this update removes the HelixPlayer package from Red Hat Enterprise Linux 4. Users wishing to continue to use Helix Player should download it directly from https://player.helixcommunity.org/ Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0981.html Risk factor : Critical CVSS Score: 9.3 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-2997 http://www.zerodayinitiative.com/advisories/ZDI-10-270 http://www.redhat.com/support/errata/RHSA-2010-0981.html http://www.securitytracker.com/id?1024861 Common Vulnerability Exposure (CVE) ID: CVE-2010-4375 http://www.zerodayinitiative.com/advisories/ZDI-10-266 Common Vulnerability Exposure (CVE) ID: CVE-2010-4378 http://www.zerodayinitiative.com/advisories/ZDI-10-274 Common Vulnerability Exposure (CVE) ID: CVE-2010-4379 Common Vulnerability Exposure (CVE) ID: CVE-2010-4382 Common Vulnerability Exposure (CVE) ID: CVE-2010-4383 Common Vulnerability Exposure (CVE) ID: CVE-2010-4384 http://www.zerodayinitiative.com/advisories/ZDI-10-268 Common Vulnerability Exposure (CVE) ID: CVE-2010-4385 Common Vulnerability Exposure (CVE) ID: CVE-2010-4386 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=883 Common Vulnerability Exposure (CVE) ID: CVE-2010-4392 http://www.zerodayinitiative.com/advisories/ZDI-10-280 http://osvdb.org/69852 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |