CVE-2005-2629

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-2629
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.

5.1 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://marc.info/?l=bugtraq&m=113166476423021&w=2
http://secunia.com/advisories/17514/ Patch Vendor Advisory
http://secunia.com/advisories/17559
http://secunia.com/advisories/17860 Patch Vendor Advisory
http://securityreason.com/securityalert/169
http://securitytracker.com/id?1015184
http://securitytracker.com/id?1015185
http://securitytracker.com/id?1015186
http://service.real.com/help/faq/security/051110_player/EN/ Patch
http://www.debian.org/security/2005/dsa-915 Patch Vendor Advisory
http://www.eeye.com/html/research/advisories/AD20051110a.html Patch Vendor Advisory
http://www.securityfocus.com/bid/15381/
https://exchange.xforce.ibmcloud.com/vulnerabilities/23024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9550
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:helix_player:1.0:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.2:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.3:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.4:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_player:1.0.5:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:linux:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*
History

No history.

Information

Published : 2005-11-18 23:03

Updated : 2024-02-28 10:42

NVD link : CVE-2005-2629

Mitre link : CVE-2005-2629

CVE.ORG link : CVE-2005-2629

JSON object : View

Products Affected

realnetworks

  • realplayer
  • helix_player
  • realone_player
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024