Upstream information

CVE-2005-2629 at MITRE

Description

Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.1
Vector AV:N/AC:H/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Note from the SUSE Security Team

In progress

SUSE Bugzilla entry: 106048 [RESOLVED]

SUSE Security Advisories: