Critical: Red Hat Security Advisory: RealPlayer security update

RealPlayer 10.0.9 as shipped in Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary, contains a security flaw and should not be used. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 17 September 2008 We have updated this...

RealPlayer 9 *nix Local Privilege Escalation Exploit

No description provided by source. / rp9-priv-esc.c A local privilege escalation attack against the community supported version of Real.com's Realplayer, version 9. Written by: Jon Hart warchild spoofed.org By default, configuration files are stored in $USER/.realnetworks/, but all the files in...

Debian DSA-1584-1 : libfishsound - buffer overflow

It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] Fedora 7 Update: libfishsound-0.9.1-1.fc7

libfishsound provides a simple programming interface for decoding and encoding audio data using Xiph.Org codecs FLAC, Speex and Vorbis. libfishsound by itself is designed to handle raw codec streams from a lower level layer such as UDP datagrams. When these codecs are used in files, they are...

[SECURITY] Fedora 8 Update: libfishsound-0.9.1-1.fc8

libfishsound provides a simple programming interface for decoding and encoding audio data using Xiph.Org codecs FLAC, Speex and Vorbis. libfishsound by itself is designed to handle raw codec streams from a lower level layer such as UDP datagrams. When these codecs are used in files, they are...

GLSA-200803-08 : Win32 binary codecs: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-08 Win32 binary codecs: Multiple vulnerabilities Multiple buffer overflow, heap overflow, and integer overflow vulnerabilities were discovered in the Quicktime plugin when processing MOV, FLC, SGI, H.264 and FPX files. Impa...

Digital Data Communications (RtspVaPgCtrl) Remote BOF Exploit

No description provided by source. !-- Digital Data Communications RtspVaPgCtrl Class RtspVapgDecoder.dll 1.1.0.29 remote buffer overflow ie7/xp sp2 You may ask why I'm interested in theese untested/unpatched codecs, oh, well, I'm preparing a live scanner for clsid's, I mean not a fuzzer a...

Digital Data Communications (RtspVaPgCtrl) Remote BOF Exploit

Exploit for unknown platform in category remote exploits ============================================================= Digital Data Communications RtspVaPgCtrl Remote BOF Exploit ============================================================= ///add su one, user: sun pass: tzu shellcode =...

Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow

///add su one, user: sun pass: tzu shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" + "%u4142%u4230%u5841%u3850%u4241%u6d75%u6b39%u494c" +...

win32-codecs -- multiple vulnerabilities

The Apple Security Team reports that there are multiple vulnerabilities within QuickTime one of the plugins for win32-codecs. A remote attacker capable of creating a malicious SGI image, FlashPix, FLC movie, or a QuickTime movie can possibly lead to execution of arbitrary code or cause a Denial o...