PT-2005-1515 · Realnetworks+1 · Realone Player+2
Published: 2005-03-02 · Updated: 2017-10-11 · CVE-2005-0455
CVSS v2.0: 5.1 (Medium)
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
RealPlayer versions 6.0.12.1056 and earlier
RealPlayer version 10
RealPlayer version 8
RealOne Player version V2
RealOne Player version V1
Description
The issue is a stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function, located in the smlparse.cpp file. This allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
Recommendations
For RealPlayer versions 6.0.12.1056 and earlier, update to a version later than 6.0.12.1056.
For RealPlayer version 10, consider disabling the CSmil1Parser::testAttributeFailed function until a patch is available.
For RealPlayer version 8, restrict access to .SMIL files to minimize the risk of exploitation.
For RealOne Player version V2 and V1, avoid using the vulnerable function until the issue is resolved.
Affected products
RealOne Player
RealPlayer
Red Hat