25 matches found
SUSE CVE-2005-2967
Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
No description provided by source. $Id: realplayercddauri.rb 12009 2011-03-17 15:42:28Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
RealPlayer CDDA URI Code Execution - Ver2 (CVE-2010-3747)
A code execution vulnerability has been reported in RealNetworks RealPlayer ActiveX control.RealPlayer. The vulnerability is due to access to uninitialized memory during processing of CDDA URIs. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted web fil...
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
$Id: realplayercddauri.rb 12009 2011-03-17 15:42:28Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
Exploit for windows platform in category remote exploits $Id: realplayercddauri.rb 12009 2011-03-17 15:42:28Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
This module exploits an initialization flaw within RealPlayer 11/11.1 and RealPlayer SP 1.0 - 1.1.4. An abnormally long CDDA URI causes an object initialization failure. However, this failure is improperly handled and uninitialized memory executed. This module requires Metasploit:...
RealNetworks RealPlayer - CDDA URI Initialization (Metasploit)
$Id: realplayercddauri.rb 12009 2011-03-17 15:42:28Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution (CVE-2010-3747)
RealPlayer is a media player application developed by RealNetworks Inc. This application is capable of playing back numerous multimedia file formats and can open media files from local file system or network servers. A remote code execution vulnerability has been reported in RealNetworks RealPlay...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...
Null pointer dereference
An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of...
RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of long CDDA URIs due to a failure...
VLC media player multiple security vulnerabilities
Format string vulnerabilities in Ogg Vorbis and Ogg Theora comments parsing, CDDA data, SAP/SDP discovery service. Integer overflow and uninitialized variables on WAV parsing...
VLC 0.8.6b format string vulnerability & integer overflow
iSEC Partners Security Advisory - 2007-001-vlc http://www.isecpartners.com ---------------------------------------------- VLC 0.8.6b format string vulnerability & integer overflow Vendor: VideoLan Vendor URL: http://www.videolan.org Systems Affected: Confirmed on Windows XP, FreeBSD 6.2, MacOS X...
CVE-2007-3316
Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in 1 an Ogg/Vorbis file, 2 an Ogg/Theora file, 3 a CDDB entry for a CD Digital Audio CDDA...
vlc -- format string vulnerability and integer overflow
isecpartners reports: VLC is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized...
CVE-2007-0017
Multiple format string vulnerabilities in 1 the cdiologhandler function in modules/access/cdda/access.c in the CDDA libcddaplugin plugin, and the 2 cdiologhandler and 3 vcdloghandler functions in modules/access/vcdx/access.c in the VCDX libvcdxplugin plugin, in VideoLAN VLC 0.7.0 through 0.8.6...
CVE-2007-0017
Multiple format string vulnerabilities in 1 the cdiologhandler function in modules/access/cdda/access.c in the CDDA libcddaplugin plugin, and the 2 cdiologhandler and 3 vcdloghandler functions in modules/access/vcdx/access.c in the VCDX libvcdxplugin plugin, in VideoLAN VLC 0.7.0 through 0.8.6...