CVE-2010-0417

Name of the Vulnerable Software and Affected Versions Helix Player version 1.0.6 RealPlayer (affected versions not specified)

Description The issue is related to a buffer overflow in the common/util/rlstate.cpp file, which can be triggered by a RuleBook structure containing a large number of rule-separator characters. This can cause heap memory corruption, leading to a denial of service (application crash) or potentially allowing remote attackers to execute arbitrary code.

Recommendations For Helix Player version 1.0.6, update to a version that fixes the buffer overflow issue in the common/util/rlstate.cpp file. For RealPlayer, at the moment, there is no information about a newer version that contains a fix for this issue.