CVE-2009-4242

2010-01-25T19:30:00
ID CVE-2009-4242
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:48:00

Description

Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. Specific affected release information can be found from RealNetworks at:

http://service.real.com/realplayer/security/01192010_player/en/