PT-2007-4681 · Realnetworks+1 · Realplayer+4
Published 2007-06-26 · Updated 2017-10-11 · CVE-2007-3410
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
RealPlayer versions 10 through 10.1
RealOne Player (affected versions not specified)
RealPlayer Enterprise (affected versions not specified)
Helix Player versions 10.0.5 through 10.0.8
Helix Player version 10.5-GOLD
Description
A stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function allows remote attackers to execute arbitrary code via an SMIL file containing a long wallclock value.
Recommendations
For RealPlayer versions 10 through 10.1, update to a version that fixes the SmilTimeValue::parseWallClockValue function issue.
For RealOne Player, apply the necessary patch or configuration change as recommended by the vendor to fix the issue in the SmilTimeValue::parseWallClockValue function.
For RealPlayer Enterprise, update to a version that fixes the SmilTimeValue::parseWallClockValue function issue or apply the recommended configuration change.
For Helix Player versions 10.0.5 through 10.0.8, update to a version that fixes the SmilTimeValue::parseWallClockValue function issue.
For Helix Player version 10.5-GOLD, update to a version that fixes the SmilTimeValue::parseWallClockValue function issue.
Exploit
Fix
RCE
Buffer Overflow
Affected Products
Helix Player
Realone Player
Realplayer
Realplayer Enterprise
Red Hat