(RHSA-2005:517) HelixPlayer security update

2005-06-2300:00:00

access.redhat.com

EPSS

0.799

Percentile

98.3%

JSON

HelixPlayer is a media player.

A buffer overflow bug was found in the way HelixPlayer processes SMIL files.
An attacker could create a specially crafted SMIL file, which when combined
with a malicious web server, could execute arbitrary code when opened by a
user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1766 to this issue.

All users of HelixPlayer are advised to upgrade to this updated package,
which contains HelixPlayer version 10.0.5 and is not vulnerable to this issue.

OSVersionArchitecturePackageVersionFilename
RedHatanyppchelixplayer< 1.0.5-0.EL4.1HelixPlayer-1.0.5-0.EL4.1.ppc.rpm
RedHatanysrchelixplayer< 1.0.5-0.EL4.1HelixPlayer-1.0.5-0.EL4.1.src.rpm
RedHatanyi386helixplayer< 1.0.5-0.EL4.1HelixPlayer-1.0.5-0.EL4.1.i386.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc	helixplayer	< 1.0.5-0.EL4.1	HelixPlayer-1.0.5-0.EL4.1.ppc.rpm
RedHat	any	src	helixplayer	< 1.0.5-0.EL4.1	HelixPlayer-1.0.5-0.EL4.1.src.rpm
RedHat	any	i386	helixplayer	< 1.0.5-0.EL4.1	HelixPlayer-1.0.5-0.EL4.1.i386.rpm

EPSS

0.799

Percentile

98.3%

JSON

Related for RHSA-2005:517