CVE-2005-2710 Information

Feb 14, 2021 cve

Description

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078 http://marc.info/?l=bugtraq&m=112785544325326&w=2 http://marc.info/?l=full-disclosure&m=112775929608219&w=2 http://secunia.com/advisories/16954 http://secunia.com/advisories/16961 http://secunia.com/advisories/16981 http://secunia.com/advisories/17116 http://secunia.com/advisories/17127 http://securityreason.com/securityalert/27 http://securityreason.com/securityalert/41 http://www.debian.org/security/2005/dsa-826 http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities http://www.kb.cert.org/vuls/id/361181 http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html http://www.open-security.org/advisories/13 http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11015

Share on: