CVE-2009-4245

Name of the Vulnerable Software and Affected Versions RealPlayer versions 10 through 11.0.4 RealPlayer 10.5 versions 6.0.12.1040 through 6.0.12.1741 RealPlayer Enterprise (affected versions not specified) Mac RealPlayer versions 10 and 10.1 Linux RealPlayer version 10 Helix Player versions 10.x

Description The issue is related to a heap-based buffer overflow that can be triggered by a compressed GIF file, potentially allowing remote attackers to cause a denial of service or possibly execute arbitrary code. The vulnerability is associated with the files gifcodec.cpp and gifimage.cpp.

Recommendations For RealPlayer versions 10 through 11.0.4, consider updating to a version outside of the affected range. For RealPlayer 10.5 versions 6.0.12.1040 through 6.0.12.1741, consider updating to a version outside of the affected range. For RealPlayer Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Mac RealPlayer versions 10 and 10.1, consider updating to a version outside of the affected range. For Linux RealPlayer version 10, consider updating to a version outside of the affected range. For Helix Player versions 10.x, consider updating to a version outside of the affected range.