RHSA-2005-394: realplayer

NASLDB: RHSA-2005-394: realplayer

General

ID: 18111
Name: RHSA-2005-394: realplayer

Summary: Check for the version of the realplayer packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Red Hat Local Security Checks
Type: –

Description

An updated RealPlayer package that fixes a buffer overflow issue is now
available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

RealPlayer is a media player providing solid media playback locally
and via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video,
Flash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and
more.

A buffer overflow bug was found in the way RealPlayer processes RAM files.
An attacker could create a specially crafted RAM file which could execute
arbitrary code when opened by a user. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-0755 to
this issue.

All users of RealPlayer are advised to upgrade to this updated package,
which contains RealPlayer version 10.0.4 and is not vulnerable to this
issue.