CVE-2002-1321 Information

Description

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter (2) a long long filename in a rtsp:// request e.g. from a .m3u file or (3) certain \Now Playing\ options on a downloaded file with a long filename.

Reference

http://marc.info/?l=bugtraq&m=103808645120764&w=2 http://service.real.com/help/faq/security/bufferoverrun_player.html http://www.securityfocus.com/bid/6227 http://www.securityfocus.com/bid/6229 https://exchange.xforce.ibmcloud.com/vulnerabilities/10677