Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 245836 - (CVE-2007-3410) CVE-2007-3410 RealPlayer/HelixPlayer buffer overflow
CVE-2007-3410 RealPlayer/HelixPlayer buffer overflow
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
impact=critical,source=internet,repor...
: Security
Depends On: 245838 245839 245840 245841 245842 245843 245844 245845 245846 245848 245850
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-26 19:27 EDT by Josh Bressers
Modified: 2007-10-26 04:11 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-26 04:11:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch created by Chris Aillon (3.69 KB, patch)
2007-06-27 10:21 EDT, Josh Bressers 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2007:0605 normal SHIPPED_LIVE Critical: HelixPlayer security update 2008-01-07 17:19:11 EST
Red Hat Product Errata RHSA-2007:0841 normal SHIPPED_LIVE Critical: RealPlayer security update 2007-08-17 04:11:11 EDT

  None (edit)
Description Josh Bressers 2007-06-26 19:27:04 EDT 
A buffer overflow flaw was discovered in the way RealPlayer and HelixPlayer
handle the wallclock variable in Synchronized Multimedia Integration Language
(SMIL) files.

More information regarding this flaw can be found here:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547
Comment 5 Mark J. Cox 2007-06-27 04:54:46 EDT 
Note the latest realplayer for Linux from real.com, version 10.0.8.805
segfaults using the reproducer.
Comment 8 Josh Bressers 2007-06-27 10:21:31 EDT 
Created attachment 158016 [details]
Patch created by Chris Aillon
Comment 9 Mark J. Cox 2007-07-16 09:25:45 EDT 
still no update from Real, 10.0.8.805 is latest available
Comment 10 Mark J. Cox 2007-08-01 05:10:20 EDT 
still no update from Real, 10.0.8.805 is latest available on their site
Comment 12 Mark J. Cox 2007-08-17 04:09:49 EDT 
The Real security page hasn't been updated with the new build, but if you visit
www.real.com and download the Linux version you get 10.0.9.809 and the version
release notes include:

  What's New in 10.0.9.809

    Security bugs fixes.

That's good enough for me, pushing update RHSA-2007:0841
Comment 13 Tomas Hoger 2007-10-26 04:11:23 EDT 
Fix was now publicly announced by RealNetworks:

http://service.real.com/realplayer/security/10252007_player/en/

Vulnerability 3:
The identified vulnerability is a malicious SMIL file which could cause a buffer
overflow in the RealPlayer. CVE-2007-3410
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.