Red Hat Bugzilla – Bug 159871
CAN-2005-1766 HelixPlayer heap overflow
Last modified: 2007-11-30 17:07:18 EST
+++ This bug was initially created as a clone of Bug #159864 +++
This vulnerability involved a complex interaction between a maliciously created
SMIL file and specifically crafted web server caused a heap overflow in the
error message processing for RealText which could have allowed an attacker to
execute arbitrary code on a customer's machine.
This issue also affects HelixPlayer
I will attach a patch as soon as I have one.
RHEL-4 built and symlinked
Josh are you taking care of teh errata for this?
Yes, this is RHSA-2005:517, it has already passed QA. We're just waiting on the
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.