CVE-2007-2263

Name of the Vulnerable Software and Affected Versions RealPlayer versions 10.0 through 10.1 RealPlayer version 10.5 RealOne Player (affected versions not specified) RealPlayer Enterprise (affected versions not specified)

Description The issue is related to a heap-based buffer overflow that can be triggered by a remote attacker using an SWF (Flash) file with malformed record headers, potentially allowing the execution of arbitrary code.

Recommendations For RealPlayer versions 10.0 through 10.1, consider updating to a version that is not affected by this issue. For RealPlayer version 10.5, avoid using the SWF file handler until a patch is available. For RealOne Player and RealPlayer Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability.