Lucene search
AnonymousZDI-10-007HistoryJan 21, 2010 - 12:00 a.m.
RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability
2010-01-2100:00:00
Anonymous
www.zerodayinitiative.com
13
EPSS
0.631
Percentile
97.9%
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the smlrender.dll library responsible for parsing SMIL files. A lack of proper string length checks can result in the overflow of a static heap buffer. Exploitation of this overflow can lead to arbitrary code execution under the context of the user running the process.
Related
openvas
openvas
RealNetworks RealPlayer SMIL file BOF Vulnerability - Linux
2010-02-02 00:00:00
RealNetworks RealPlayer SMIL file BOF Vulnerability (Linux)
2010-02-02 00:00:00
CentOS Update for HelixPlayer CESA-2010:0094 centos4 i386
2010-02-15 00:00:00
cvelist
cvelist
CVE-2009-4257
2010-01-25 19:00:00
prion
prion
Heap overflow
2010-01-25 19:30:00
securityvulns
securityvulns
ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability
2010-01-21 00:00:00
RealNetworks RealPlayer multiple security vulnerabilities
2010-02-02 00:00:00
cve
cve
CVE-2009-4257
2010-01-25 19:30:01
ubuntucve
ubuntucve
CVE-2009-4257
2010-01-25 00:00:00
nvd
nvd
CVE-2009-4257
2010-01-25 19:30:01
nessus
nessus
SuSE 10 Security Update : Realplayer and banshee (ZYPP Patch Number 7122)
2011-01-27 00:00:00
CentOS 4 : HelixPlayer (CESA-2010:0094)
2010-02-10 00:00:00
Oracle Linux 4 : HelixPlayer (ELSA-2010-0094)
2013-07-12 00:00:00
centos
centos
HelixPlayer security update
2010-02-09 17:22:40
oraclelinux
oraclelinux
HelixPlayer security update
2010-02-09 00:00:00
redhat
redhat
(RHSA-2010:0094) Critical: HelixPlayer security update
2010-02-09 00:00:00
seebug
seebug
RealPlayer皮肤和媒体文件解析多个缓冲区溢出漏洞
2010-01-22 00:00:00