exploits , vulnerabilities , articles , RealPlayer/HelixPlayer ParseWallClockValue Function Buffer Overflow Vulnerability

Title	RealPlayer/HelixPlayer ParseWallClockValue Function Buffer Overflow Vulnerability
Published	2007-06-26-12:00AM
Updated	2008-03-13-04:01AM
Class	Boundary Condition Error
CVE	CVE-2007-3410
Remote	Yes
Local	No
Credit	The reporter of this issue wishes to remain anonymous.
Vulnerable	RedHat Enterprise Linux WS 4 RedHat Enterprise Linux Extras 4 RedHat Enterprise Linux Extras 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Supplementary 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux Desktop version 4 Real Networks RealPlayer Enterprise Real Networks RealPlayer 10 for Mac OS 10.0 412 Real Networks RealPlayer 10 for Mac OS 10.0 396 Real Networks RealPlayer 10 for Mac OS 10.0 352 Real Networks RealPlayer 10 for Mac OS 10.0 .0.331 Real Networks RealPlayer 10 for Mac OS 10.0.0.305 Real Networks RealPlayer 10 for Linux 10.0.8 Real Networks RealPlayer 10 for Linux 10.0.7 Real Networks RealPlayer 10 for Linux 10.0.6 Real Networks RealPlayer 10 for Linux 10.0.5 Real Networks RealPlayer 10.5GOLD Real Networks RealOne Player for Mac 0 Real Networks RealOne Player 1.0 Real Networks HelixPlayer 10.5 GOLD Real Networks Helix Player for Linux 10.0.7 Real Networks Helix Player for Linux 10.0.6 Real Networks Helix Player for Linux 10.0.5 Gentoo Linux
Not Vulnerable
Code	UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.The following proof-of-concept code is available: /data/vulnerabilities/exploits/24658.html
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
• 2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
• 2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
• 2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
• 2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
• 2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
• 2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
• 2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
• 2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 19:26:21 +0000