Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2005-0455

Published: 02/05/2005 Updated: 11/10/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 520
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Realone Player

Vulnerability Summary

Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and previous versions), 10, 8, and RealOne Player V2 and V1 allows remote malicious users to execute arbitrary code via a .SMIL file with a large system-screen-size value.

Vulnerable Product Search on Vulmon Subscribe to Product

Vendor Advisories

Red Hat: RealPlayer security update
Synopsis RealPlayer security update Type/Severity Security Advisory: Critical Topic An updated RealPlayer package that fixes two buffer overflow issues is nowavailableThis update has been rated as having critical security impact by the RedHat Security Response Team Description RealPlayer ...
Red Hat: realplayer security update
Synopsis realplayer security update Type/Severity Security Advisory: Important Topic Updated realplayer packages that fix a number of security issues are nowavailable for Red Hat Enterprise Linux 3 ExtrasThis update has been rated as having important security impact by the RedHat Security Response Team ...
Red Hat: HelixPlayer security update
Synopsis HelixPlayer security update Type/Severity Security Advisory: Critical Topic An updated HelixPlayer package that fixes two buffer overflow issues is nowavailableThis update has been rated as having critical security impact by the RedHat Security Response Team Description HelixPlay ...

Exploits

Exploit DB: RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow
/* RealPlayer smil file buffer overflow Coded by nolimit@CiSO & Buzzdee greets to COREiSO & #news & flare & class101 & ESI & RVL & everyone else I forget This uses a seh overwrite method, which takes advantage of the SEH being placed in multiple locations over the different OS's Because of this, it should be completel ...
Exploit DB: RealNetworks RealPlayer - '.SMIL' Remote Buffer Overflow (Metasploit)
## # $Id: realplayer_smilrb 9262 2010-05-09 17:45:00Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

References

NVD-CWE-Otherhttp://www.idefense.com/application/poi/display?id=209&type=vulnerabilitieshttp://service.real.com/help/faq/security/050224_playerhttp://www.redhat.com/support/errata/RHSA-2005-265.htmlhttp://www.redhat.com/support/errata/RHSA-2005-271.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10926https://access.redhat.com/errata/RHSA-2005:265https://nvd.nist.govhttps://www.exploit-db.com/exploits/863/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook