PT-2005-1657 · Realnetworks+1 · Realplayer+2

Mark Litchfield

Published

2005-03-02

Updated

2017-10-11

CVE-2005-0611

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions RealPlayer versions 10.5 (6.0.12.1056 and earlier), 10, 8 RealOne Player versions V2 and V1

Description A heap-based buffer overflow issue allows remote attackers to execute arbitrary code via .WAV files.

Recommendations For RealPlayer versions 10.5 (6.0.12.1056 and earlier), 10, 8, update to a version later than 6.0.12.1056 to resolve the issue. For RealOne Player versions V2 and V1, update to a version later than V2 to resolve the issue. As a temporary workaround, consider avoiding the use of .WAV files with the affected RealPlayer and RealOne Player versions until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0611

RHSA-2005:271

RHSA-2005_271

Affected Products

Realone Player

Realplayer

Red Hat

PT-2005-1657 · Realnetworks+1 · Realplayer+2

CVE-2005-0611

Related Identifiers

Affected Products

References · 11