PT-2006-1396 · RealNetworks · Helix Player
Greg Macmanus
Published: 2006-03-23 · Updated: 2018-10-19
CVE-2006-0323
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
RealPlayer versions 10.x
RealOne Player (affected versions not specified)
Rhapsody version 3
Helix Player (affected versions not specified)
Description
A buffer overflow in the swfformat.dll component allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file. The overflow can be triggered by a size value in the SWF file that is less than the actual size, or by other unspecified manipulations of the file.
Recommendations
For RealPlayer version 10.x, update to a version that includes a fix for the buffer overflow in swfformat.dll.
For RealOne Player, Rhapsody version 3, and Helix Player, no information is currently available about a newer version that contains a fix for this vulnerability.
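The description above turns on a declared size that is smaller than the data actually present. The following added example (not code from this page or from RealNetworks) shows the defensive check a parser needs before copying. It assumes the size value is the 32-bit little-endian FileLength field of an uncompressed "FWS" header, which the page does not specify; all function names and the size cap are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper names; not taken from swfformat.dll or any vendor code. */
enum swf_status { SWF_OK, SWF_TOO_SHORT, SWF_BAD_MAGIC, SWF_SIZE_MISMATCH,
                  SWF_TOO_LARGE, SWF_NO_MEM };

#define SWF_HEADER_LEN 8u                    /* "FWS", version, 32-bit FileLength */
#define SWF_MAX_LEN    (64u * 1024u * 1024u) /* assumed policy cap, not from the page */

/* Little-endian FileLength field at offset 4 of the SWF header. */
static uint32_t swf_declared_len(const unsigned char *p) {
    return (uint32_t)p[4] | ((uint32_t)p[5] << 8) |
           ((uint32_t)p[6] << 16) | ((uint32_t)p[7] << 24);
}

/* Copy an uncompressed SWF into a new buffer, sized from the bytes actually
 * received and only after the declared length has been checked against them. */
enum swf_status swf_load_checked(const unsigned char *in, size_t in_len,
                                 unsigned char **out, size_t *out_len) {
    *out = NULL;
    *out_len = 0;
    if (in_len < SWF_HEADER_LEN) return SWF_TOO_SHORT;
    if (memcmp(in, "FWS", 3) != 0) return SWF_BAD_MAGIC;
    if (in_len > SWF_MAX_LEN) return SWF_TOO_LARGE;
    if ((size_t)swf_declared_len(in) != in_len) return SWF_SIZE_MISMATCH;
    unsigned char *buf = malloc(in_len);
    if (buf == NULL) return SWF_NO_MEM;
    memcpy(buf, in, in_len); /* allocation and copy use the same length */
    *out = buf;
    *out_len = in_len;
    return SWF_OK;
}

int main(void) {
    /* Constructed samples: 12 bytes each; the second declares only 9. */
    const unsigned char good[12]   = {'F','W','S',6, 12,0,0,0, 1,2,3,4};
    const unsigned char short9[12] = {'F','W','S',6,  9,0,0,0, 1,2,3,4};
    unsigned char *copy;
    size_t n;
    printf("good:   %d\n", swf_load_checked(good, sizeof good, &copy, &n));
    free(copy);
    printf("short9: %d\n", swf_load_checked(short9, sizeof short9, &copy, &n));
    free(copy);
    return 0;
}
```

The key property is that the buffer is never sized from the untrusted header field: a mismatch between declared and actual length is rejected outright.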
Exploit
Buffer Overflow
Affected Products
Helix Player
RealOne Player
RealPlayer
Rhapsody