Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Realjukebox_2 | Realnetworks | 1.0.2.340 (including) | 1.0.2.340 (including) |
| Realjukebox_2 | Realnetworks | 1.0.2.379 (including) | 1.0.2.379 (including) |
| Realjukebox_2_plus | Realnetworks | 1.0.2.340 (including) | 1.0.2.340 (including) |
| Realjukebox_2_plus | Realnetworks | 1.0.2.379 (including) | 1.0.2.379 (including) |
| Realone_player | Realnetworks | 6.0.10.505-gold (including) | 6.0.10.505-gold (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html
- http://service.real.com/help/faq/security/bufferoverrun07092002.html
- http://www.iss.net/security_center/static/9538.php
- http://www.kb.cert.org/vuls/id/843667
- http://www.securityfocus.com/bid/5217
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html
- http://service.real.com/help/faq/security/bufferoverrun07092002.html
- http://www.iss.net/security_center/static/9538.php
- http://www.kb.cert.org/vuls/id/843667
- http://www.securityfocus.com/bid/5217