CVE-2005-2710

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.
References
Link Resource
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 Vendor Advisory
http://marc.info/?l=bugtraq&m=112785544325326&w=2
http://marc.info/?l=full-disclosure&m=112775929608219&w=2
http://secunia.com/advisories/16954
http://secunia.com/advisories/16961
http://secunia.com/advisories/16981
http://secunia.com/advisories/17116
http://secunia.com/advisories/17127
http://securityreason.com/securityalert/27
http://securityreason.com/securityalert/41
http://www.debian.org/security/2005/dsa-826 Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml
http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities Vendor Advisory
http://www.kb.cert.org/vuls/id/361181 Third Party Advisory US Government Resource
http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html
http://www.open-security.org/advisories/13 Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-762.html
http://www.redhat.com/support/errata/RHSA-2005-788.html Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 Vendor Advisory
http://marc.info/?l=bugtraq&m=112785544325326&w=2
http://marc.info/?l=full-disclosure&m=112775929608219&w=2
http://secunia.com/advisories/16954
http://secunia.com/advisories/16961
http://secunia.com/advisories/16981
http://secunia.com/advisories/17116
http://secunia.com/advisories/17127
http://securityreason.com/securityalert/27
http://securityreason.com/securityalert/41
http://www.debian.org/security/2005/dsa-826 Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml
http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities Vendor Advisory
http://www.kb.cert.org/vuls/id/361181 Third Party Advisory US Government Resource
http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html
http://www.open-security.org/advisories/13 Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-762.html
http://www.redhat.com/support/errata/RHSA-2005-788.html Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:helix_player:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:00

Type Values Removed Values Added
References () http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 - Vendor Advisory () http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 - Vendor Advisory
References () http://marc.info/?l=bugtraq&m=112785544325326&w=2 - () http://marc.info/?l=bugtraq&m=112785544325326&w=2 -
References () http://marc.info/?l=full-disclosure&m=112775929608219&w=2 - () http://marc.info/?l=full-disclosure&m=112775929608219&w=2 -
References () http://secunia.com/advisories/16954 - () http://secunia.com/advisories/16954 -
References () http://secunia.com/advisories/16961 - () http://secunia.com/advisories/16961 -
References () http://secunia.com/advisories/16981 - () http://secunia.com/advisories/16981 -
References () http://secunia.com/advisories/17116 - () http://secunia.com/advisories/17116 -
References () http://secunia.com/advisories/17127 - () http://secunia.com/advisories/17127 -
References () http://securityreason.com/securityalert/27 - () http://securityreason.com/securityalert/27 -
References () http://securityreason.com/securityalert/41 - () http://securityreason.com/securityalert/41 -
References () http://www.debian.org/security/2005/dsa-826 - Vendor Advisory () http://www.debian.org/security/2005/dsa-826 - Vendor Advisory
References () http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml - () http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml -
References () http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities - Vendor Advisory () http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities - Vendor Advisory
References () http://www.kb.cert.org/vuls/id/361181 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/361181 - Third Party Advisory, US Government Resource
References () http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html - () http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html -
References () http://www.open-security.org/advisories/13 - Vendor Advisory () http://www.open-security.org/advisories/13 - Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-762.html - () http://www.redhat.com/support/errata/RHSA-2005-762.html -
References () http://www.redhat.com/support/errata/RHSA-2005-788.html - Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2005-788.html - Vendor Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015 -

Information

Published : 2005-09-27 20:03

Updated : 2024-11-21 00:00


NVD link : CVE-2005-2710

Mitre link : CVE-2005-2710

CVE.ORG link : CVE-2005-2710


JSON object : View

Products Affected

realnetworks

  • helix_player
  • realplayer