CVE-2003-0141

Name of the Vulnerable Software and Affected Versions: RealOne Player versions 6.0.11.x and earlier RealPlayer 8/RealPlayer Plus 8 version 6.0.9.584

Description: The issue concerns the PNG deflate algorithm, which allows remote attackers to corrupt the heap and overwrite arbitrary memory. This is achieved through a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, treated as a very large length.

Recommendations: For RealOne Player versions 6.0.11.x and earlier, update to a version later than 6.0.11.x to resolve the issue. For RealPlayer 8/RealPlayer Plus 8 version 6.0.9.584, update to a version later than 6.0.9.584 to resolve the issue.