RealNetworks has published a security advisory mentioning 11 security issues affecting various RealPlayer / HelixPlayer versions:

http://service.real.com/realplayer/security/01192010_player/en/

Upstream advisory does not specify which issues should be applicable to HelixPlayer 1.0.x versions (Affected? By various). Some of the issues are covered by 3rd party advisories (e.g. ZDI) listed below.

Vulnerability 1: The identified vulnerability is a RealPlayer ASM Rulebook heap-based buffer overflow: CVE-2009-4241
http://www.zerodayinitiative.com/advisories/ZDI-10-005/

Vulnerability 2: The identified vulnerability is a RealPlayer GIF file Heap Overflow: CVE-2009-4242
http://www.zerodayinitiative.com/advisories/ZDI-10-006/

Vulnerability 3: The identified vulnerability is a RealPlayer media Overflow (http chunk encoding): CVE-2009-4243

Vulnerability 4: The identified vulnerability is a RealPlayer IVR file processing buffer overflow: CVE-2009-0375

Vulnerability 5: The identified vulnerability is a RealPlayer IVR file Heap overflow: CVE-2009-0376
http://www.zerodayinitiative.com/advisories/ZDI-10-009/
http://www.fortiguard.com/advisory/FGA-2009-04.html (0375, 0376)

Vulnerability 6: The identified vulnerability is a RealPlayer SIPR Codec Heap Overflow: CVE-2009-4244
http://www.zerodayinitiative.com/advisories/ZDI-10-008/

Vulnerability 7: The identified vulnerability is a RealPlayer compressed GIF Heap Overflow: CVE-2009-4245

Vulnerability 8: The identified vulnerability is a RealPlayer SMIL Parsing Heap Overflow Vulnerability: CVE-2009-4257
http://www.zerodayinitiative.com/advisories/ZDI-10-007/

Vulnerability 9: The identified vulnerability is a RealPlayer Skin Parsing Stack Overflow Vulnerability: CVE-2009-4246
http://www.zerodayinitiative.com/advisories/ZDI-10-010/

Vulnerability 10: The identified vulnerability is a RealPlayer ASM RuleBook Array Overflow: CVE-2009-4247

Vulnerability 11: The identified vulnerability is a RealPlayer rtsp set_parameter buffer overflow: CVE-2009-4248
Some of the issues affect proprietary codecs / file formats that are only supported by RealPlayer or RealPlayer on certain platforms (IVR CVE-2009-0375, CVE-2009-0376; SIPR CVE-2009-4244). Linux versions of RealPlayer and Helix Player don't seem to support skins (CVE-2009-4246).
RealNetworks confirmed that vulnerabilities 4, 5, 6 and 9 (listed in comment #1) did not affect HelixPlayer 1.x. RealNetworks also confirmed that vulnerability 1 did not affect HelixPlayer 1.x. According to ZDI, the flaw existed in the code responsible for parsing ASMRuleBook structures in the Real Media (RM) format files. The codec for the RM format is not included with HelixPlayer.
Remaining vulnerabilities 2, 3, 7, 8, 10, and 11 are tracked via separate bugs:

bug #561436 - GIF file heap overflow
bug #561388 - HTTP chunk encoding overflow
bug #561441 - compressed GIF heap overflow
bug #561309 - SMIL getAtom heap buffer overflow
bug #561338 - RTSP client ASM RuleBook stack buffer overflow
bug #561361 - RTSP SET_PARAMETER buffer overflow

While collecting patches for those issues, two additional older security fixes were spotted in the upstream CVS:

bug #561856 - URL unescape buffer overflow
bug #561860 - rule book handling heap corruption
Closing this one, all relevant issues are tracked via separate bugs.