Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-3410

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20070626 RealNetworks ...
CERT-VN: VU#770904
SECTRACK: 1018297
SECTRACK: 1018299
SECUNIA: 25819
REDHAT: RHSA-2007:0605
BID: 24658
SECUNIA: 25859
REDHAT: RHSA-2007:0841
SECUNIA: 26463
GENTOO: GLSA-200709-05
SECUNIA: 26828
CONFIRM: http://service.real.co...
VIM: 20071030 RealPlayer Up...
SECUNIA: 27361
OSVDB: 37374
VUPEN: ADV-2007-2339
VUPEN: ADV-2007-3628
OSVDB: 38342
XF: realplayer-smiltime-wa...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2007-3410

Related bugs

References