RealPlayer/Helix Player SMIL wallclock Remote Buffer Overflow Vulnerability
| Release Date: | 27/06/2007 | Severity: | Highly Critical |
| SecWatch Advisory: | SWID1018306 | Cause: | Boundary error |
| Solution Status: | Vendor Patch | Impact: | Execution of arbitrary code |
| Exploit Status: | None Available | Access Vector: | From remote |
| Affected Software: | Helix Player 1.x, RealPlayer 10.x |
Description:
A vulnerability in RealPlayer and Helix Player has been reported, which can be exploited by remote users to compromise a user's system.
The vulnerability is due to a boundary error in the "SmilTimeValue::parseWallClockValue()" function when handling time formats, which can be exploited to cause a stack-based buffer overflow via an SMIL file containing an overly long, specially crafted time string.
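The kind of boundary check this class of bug lacks, as an added example that is not RealNetworks or Helix code and not part of the advisory: a hypothetical wallclock_extract() copies the time string of an SMIL wallclock(...) value into a fixed-size buffer only after validating its length and characters. The function name, the 64-byte limit and the character allowlist are assumptions.

```c
#include <stddef.h>
#include <string.h>

/* Assumed bound: a full ISO 8601 date-time with fractional seconds and a
 * zone offset, the longest legitimate wallclock value, fits well inside it. */
#define WALLCLOCK_MAX 64

enum wc_status { WC_OK = 0, WC_BAD_SYNTAX = -1, WC_TOO_LONG = -2, WC_BAD_CHAR = -3 };

/* Hypothetical helper: copy the text between "wallclock(" and ")" into
 * out[outsz], refusing anything that does not fit or is not a date/time.
 * Optional whitespace inside the parentheses is not accepted here. */
int wallclock_extract(const char *attr, char *out, size_t outsz)
{
    static const char prefix[] = "wallclock(";
    static const char allowed[] = "0123456789-:.+TZ";
    const size_t plen = sizeof prefix - 1;
    const char *start, *end;
    size_t len;

    if (attr == NULL || out == NULL || outsz == 0)
        return WC_BAD_SYNTAX;
    out[0] = '\0';                      /* never leave stale data on failure */
    if (strncmp(attr, prefix, plen) != 0)
        return WC_BAD_SYNTAX;
    start = attr + plen;
    end = strchr(start, ')');
    if (end == NULL || end == start || end[1] != '\0')
        return WC_BAD_SYNTAX;

    len = (size_t)(end - start);
    /* The boundary check: the input length is compared with the destination
     * size before any byte is copied, leaving room for the terminator. */
    if (len >= outsz)
        return WC_TOO_LONG;
    /* Reject bytes that cannot occur in a date or time value. */
    if (strspn(start, allowed) < len)
        return WC_BAD_CHAR;

    memcpy(out, start, len);
    out[len] = '\0';
    return WC_OK;
}
```

A caller declares `char buf[WALLCLOCK_MAX]` and treats any non-zero return as a malformed SMIL attribute rather than truncating and continuing.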
Affected:
RealNetworks RealPlayer versions 10.x
Helix Player versions 1.x
Solution:
The vulnerability has been fixed in the latest version:
http://www.real.com/realplayer.html
Credits:
Related Vulnerabilities and Exploits
22 Oct 07: RealPlayer IERPCtl ActiveX Control Playlist Handling Remote Buffe..
26 Oct 07: RealNetworks Products Multiple Remote Buffer Overflows Vulnerabil..
28 Mar 06: RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer.. (RealPlayer_swf.pl)
23 Mar 06: RealNetworks Products Multiple Remote Buffer Overflow Vulnerabili..
01 May 07: RealPlayer 10 .ra File Handling Remote Denial.. (RealPlayer_RA_DoS.py)