(RHSA-2005:265) RealPlayer security update

2005-03-03T05:00:00
ID RHSA-2005:265
Type redhat
Reporter RedHat
Modified 2017-07-22T04:32:44

Description

RealPlayer is a media player.

A stack based buffer overflow bug was found in RealPlayer's Synchronized Multimedia Integration Language (SMIL) file processor. An attacker could create a specially crafted SMIL file which would execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0455 to this issue.

A buffer overflow bug was found in the way RealPlayer decodes WAV sound files. An attacker could create a specially crafted WAV file which could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0611 to this issue.

All users of RealPlayer are advised to upgrade to this updated package, which contains RealPlayer version 10.0.3 and is not vulnerable to these issues.