Vulnerability Note VU#770904
RealNetworks players SMIL "wallclock" buffer overflow
A buffer overflow in RealNetworks media players could allow a remote attacker to execute arbitrary code on an affected system.
The RealNetworks RealPlayer and Helix Player applications allow users to view local and remote audio and video content. These players support multiple media formats including the synchronized multimedia integration language (SMIL). A stack-based buffer overflow exists in the way that these players handle the "wallclock-sync" values encoded in the SMIL data. A remote attacker with the ability to supply a specially crafted media file or stream could exploit this vulnerability to execute arbitrary code on an affected system.
Note that we are aware of publicly-available exploit code for this vulnerability.
A remote unauthenticated attacker could execute arbitrary code with the privileges of the user running a vulnerable application or cause the vulnerable application to crash, resulting in a denial of service.
Apply an update from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|RealNetworks, Inc.||Affected||27 Jun 2007||28 Jun 2007|
|Red Hat, Inc.||Affected||-||27 Jun 2007|
CVSS Metrics (Learn More)
This vulnerability was reported by iDefense Labs in iDefense Labs Public Advisory: 06.26.07. iDefense credits an anonymous researcher with reporting this vulnerability to them.
This document was written by Chad R Dougherty.
- CVE IDs: CVE-2007-3410
- Date Public: 26 Jun 2007
- Date First Published: 28 Jun 2007
- Date Last Updated: 28 Jun 2007
- Severity Metric: 22.27
- Document Revision: 5
If you have feedback, comments, or additional information about this vulnerability, please send us email.