Bug 119017 - VUL-0: realplayer: format string bug
Summary: VUL-0: realplayer: format string bug
Status: RESOLVED DUPLICATE of bug 106048
Alias: None
Product: SUSE Linux 10.1
Classification: openSUSE
Component: Other (show other bugs)
Version: unspecified
Hardware: Other All
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: Stanislav Brabec
QA Contact: E-mail List
URL:
Whiteboard: CVE-2005-2710: CVSS v2 Base Score: 5....
Keywords:
Depends on:
Blocks:
 
Reported: 2005-09-27 14:18 UTC by Thomas Biege
Modified: 2009-10-13 21:37 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Biege 2005-09-27 14:18:45 UTC 
Hello Stanislav,
there is another issue with realplayer:
http://www.open-security.org/advisories/13
https://helixcommunity.org/projects/player/
Comment 3 Marcus Meissner 2005-09-28 04:58:55 UTC 
its a dup of the 106048. see Donas mail inside there  

*** This bug has been marked as a duplicate of 106048 ***
Comment 4 Thomas Biege 2005-09-28 08:58:11 UTC 
======================================================
Candidate: CAN-2005-2710
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710
Reference: FULLDISC:20050926 RealPlayer && HelixPlayer Remote Format String
Reference: URL:http://marc.theaimsgroup.com/?l=full-disclosure&m=112775929608219&w=2
Reference: MISC:http://www.open-security.org/advisories/13
Reference: REDHAT:RHSA-2005:788
Reference: URL:http://www.redhat.com/support/errata/RHSA-2005-788.html
Reference: CONFIRM:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078

Format string vulnerability in Real HelixPlayer and RealPlayer 10
allows user-complicit attackers to execute arbitrary code via the
image handle attribute in a RealPix (.rp) or RealText (.rt) file.
Comment 5 Thomas Biege 2009-10-13 21:37:22 UTC 
CVE-2005-2710: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)