CVE-2005-0189

Name of the Vulnerable Software and Affected Versions RealPlayer versions prior to 10.5 (6.0.12.1040)

Description The issue is related to a stack-based buffer overflow in the HandleAction function. This allows remote attackers to execute arbitrary code via a long ShowPreferences argument.

Recommendations For versions prior to 10.5 (6.0.12.1040), consider updating to a version that is not affected by this issue. As a temporary workaround, restrict the use of the HandleAction function until a patch is available. Avoid using long ShowPreferences arguments in the affected API endpoint until the issue is resolved.