Red Hat Bugzilla – Bug 159872
CAN-2005-1766 HelixPlayer heap overflow
Last modified: 2013-03-13 00:48:22 EDT
+++ This bug was initially created as a clone of Bug #159871 +++
This vulnerability involved a complex interaction between a maliciously created
SMIL file and specifically crafted web server caused a heap overflow in the
error message processing for RealText which could have allowed an attacker to
execute arbitrary code on a customer's machine.
This issue also affects HelixPlayer
This issue will have to be fixed in FC4 as well.
RHEL-4 built and symlinked
FC-3 & 4 build. I will have Colin push these as I will be away when the embargo