2 matches found
ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability
ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-061.html October 25, 2007 -- CVE ID: CVE-2007-2263 -- Affected Vendor: RealNetworks -- Affected Products: RealNetworks RealPlayer version 10.5 -- TippingPointT...
CVE-2007-2263
CVE-2007-2263 describes a heap-based buffer overflow in RealNetworks RealPlayer/RealOne/HelixPlayer when processing SWF files with malformed record headers, allowing remote code execution. The underlying flaw is in how RealPlayer’s SWF parsing handles header records, enabling an attacker to craft...