Executive Summary
Summary | |
---|---|
Title | HelixPlayer security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:271 | First vendor Publication | 2005-03-03 |
Vendor | RedHat | Last vendor Modification | 2005-03-03 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.1 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated HelixPlayer package that fixes two buffer overflow issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Problem description: HelixPlayer is a media player. A stack based buffer overflow bug was found in HelixPlayer's Synchronized Multimedia Integration Language (SMIL) file processor. An attacker could create a specially crafted SMIL file which would execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0455 to this issue. A buffer overflow bug was found in the way HelixPlayer decodes WAV files. An attacker could create a specially crafted WAV file which could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0611 to this issue. All users of HelixPlayer are advised to upgrade to this updated package, which contains HelixPlayer 1.0.3 which is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150098 - CAN-2005-0455 buffer overflow in helixplayer 150103 - CAN-2005-0611 .wav overflow in helixplayer |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-271.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10926 | |||
Oval ID: | oval:org.mitre.oval:def:10926 | ||
Title: | Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | ||
Description: | Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0455 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11419 | |||
Oval ID: | oval:org.mitre.oval:def:11419 | ||
Title: | Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | ||
Description: | Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0611 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 | |
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-04 | Name : FreeBSD Ports: linux-realplayer File : nvt/freebsd_linux-realplayer.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
14306 | RealPlayer .wav File Processing Overflow |
14305 | RealPlayer .smil File Processing Overflow A buffer overflow exists in RealPlayer. The application fails to validate the contents of .smil files resulting in a stack overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | RealNetworks RealPlayer SMIL file overflow attempt RuleID : 3473 - Revision : 24 - Type : FILE-MULTIMEDIA |
2014-01-10 | RealNetworks RealPlayer wav chunk string overflow attempt RuleID : 17700 - Revision : 7 - Type : FILE-MULTIMEDIA |
2014-01-10 | RealNetworks RealPlayer wav chunk string overflow attempt in email RuleID : 17698 - Revision : 11 - Type : SERVER-MAIL |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-188.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c73305ae8cd711d99873000a95bc6fae.nasl - Type : ACT_GATHER_INFO |
2005-03-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-299.nasl - Type : ACT_GATHER_INFO |
2005-03-09 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_014.nasl - Type : ACT_GATHER_INFO |
2005-03-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-265.nasl - Type : ACT_GATHER_INFO |
2005-03-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-271.nasl - Type : ACT_GATHER_INFO |
2005-03-02 | Name : The remote Windows application is affected by several remote overflows. File : realplayer_multiple_vulns.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:09 |
|