Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

Winamp 5.6存在多个安全漏洞

Bugtraq ID: 48457 Winamp是一款流行的媒体播放器。 Winamp存在多个安全漏洞，允许攻击者执行任意代码或使应用程序崩溃。 -当解析On2 TrueMotion VP6 codec编码的媒体文件时vp6.w5s存在错误，如果构建的FLV媒体文件中"version"字段超过8，可触发内存破坏。 -解析H263视频内容中"CustomWidth"和"CustomHeight"字段时存在错误，构建特制FLV文件可触发内存破坏。 -解压缩帧时nsvdecvp5.dll存在错误，构建特制的NSV文件可触发基于堆的缓冲区溢出。...

Microsoft Windows Media Player K-Lite解码器内存破坏漏洞

Bugtraq ID: 48263 Microsoft Windows Media Player是一款微软开发的媒体播放程序。 Microsoft Windows Media Player K-Lite解码器存在一个内存破坏漏洞，攻击者构建特制的3gp文件，诱使用户解析，可导致应用程序崩溃 Microsoft Windows Media Player 12 目前没有详细解决方案提供： http://www.microsoft.com/windows/windowsmedia/ http://www.deventum.com/research/CrashWMplayer.3gp...

Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)

Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service PoC Greetings, There is a DOS condition on windows media player when the klite codec pack is installed. Exploit Title: Windows Media Player with klite codec pack DOS Poc Date: 14/06/2011 Author: Nicolas Krassas ,...

Windows Media Player with K-Lite Codec Pack DoS PoC

Exploit for windows platform in category dos / poc Greetings, There is a DOS condition on windows media player when the klite codec pack is installed. Exploit Title: Windows Media Player with klite codec pack DOS Poc Date: 14/06/2011 Author: Nicolas Krassas , www.twitter.com/dinosn Version:Window...

Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)

Greetings, There is a DOS condition on windows media player when the klite codec pack is installed. Exploit Title: Windows Media Player with klite codec pack DOS Poc Date: 14/06/2011 Author: Nicolas Krassas , www.twitter.com/dinosn Version:Windows Media Player 12 Tested on: Windows 7 The 3gp...

Fedora 14 : mumble-1.2.3-2.fc14 (2011-7194)

Update to 1.2.3 addressing a security issue and fixing the codec issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 15 : mumble-1.2.3-2.fc15 (2011-7183)

Update to 1.2.3 addressing a security issue and fixing the codec issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of libtiff. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of th...

SuSE 10 Security Update : Realplayer and banshee (ZYPP Patch Number 7122)

The security support of Real Player 10 was discontinued a while ago by Real Networks. As there are known critical security problems in Real Player 10 and we are unable to fix them nor update to Real Player 11, we are disabling this player. The media player of SUSE Linux Enterprise Desktop 10, Hel...

libvpx: User-assisted execution of arbitrary code

Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description libvpx is vulnerable to an integer overflow vulnerability when processing crafted VP8 video streams. Impact A remote attacker could entice a user to open a...

RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Dec10

This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealplayermultvulnwindec10.nasl 5373 2017-02-20 16:27:48Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Windows - Dec10 Authors: Sooraj KS Copyright: Copyright c 2010...

RealNetworks RealPlayer Multiple Vulnerabilities (Linux) - Dec 10

This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealplayermultvulnlindec10.nasl 5373 2017-02-20 16:27:48Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Linux- Dec 10 Authors: Sooraj KS Copyright: Copyright c 2010...

RealNetworks RealPlayer Multiple Vulnerabilities (Dec 2010) - Windows

RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : libvpx (RHSA-2010:0999)

Updated libvpx packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2010-4377

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Re...

CVE-2010-2579

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory...

CVE-2010-0121

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors...

Code injection

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors...

Heap overflow

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Re...