PT-2005-3520 · Realnetworks · Dunzip32.Dll+2

Fang Xing

Publicado

2005-11-18

Atualizado

2017-07-11

CVE-2005-2630

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions RealPlayer versions 8, 10, and 10.5 RealOne Player versions 1 and 2

Description A heap-based buffer overflow issue exists in the DUNZIP32.DLL component, allowing remote attackers to execute arbitrary code through a crafted RealPlayer Skin (RJS) file.

Recommendations For RealPlayer versions 8, 10, and 10.5, consider disabling the use of RealPlayer Skin (RJS) files until a patch is available. For RealOne Player versions 1 and 2, avoid using the DUNZIP32.DLL component for processing RJS files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2630

Produtos afetados

Dunzip32.Dll

Realone Player

Realplayer

PT-2005-3520 · Realnetworks · Dunzip32.Dll+2

CVE-2005-2630

Identificadores relacionados

Produtos afetados

Referências · 12