Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Helix_universal_server | Realnetworks | 8.0.1 (including) | 8.0.1 (including) |
| Helix_universal_server | Realnetworks | 9.0 (including) | 9.0 (including) |
| Helix_universal_server | Realnetworks | 9.0.1 (including) | 9.0.1 (including) |
| Helix_universal_server | Realnetworks | 9.0.2.794 (including) | 9.0.2.794 (including) |
| Realserver | Realnetworks | 7.0 (including) | 7.0 (including) |
| Realserver | Realnetworks | 7.0.1 (including) | 7.0.1 (including) |
| Realserver | Realnetworks | 7.0.2 (including) | 7.0.2 (including) |
| Realserver | Realnetworks | 8.0 (including) | 8.0 (including) |
| Realserver | Realnetworks | 8.0.1 (including) | 8.0.1 (including) |
| Realserver | Realnetworks | 8.0.2 (including) | 8.0.2 (including) |
| Realserver | Realnetworks | 8.0_beta (including) | 8.0_beta (including) |
| Realserver | Realnetworks | g2_1.0 (including) | g2_1.0 (including) |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0087.html
- http://lists.immunitysec.com/pipermail/dailydave/2003-August/000030.html
- http://www.kb.cert.org/vuls/id/934932
- http://www.securityfocus.com/bid/8476
- http://www.service.real.com/help/faq/security/rootexploit082203.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0087.html
- http://lists.immunitysec.com/pipermail/dailydave/2003-August/000030.html
- http://www.kb.cert.org/vuls/id/934932
- http://www.securityfocus.com/bid/8476
- http://www.service.real.com/help/faq/security/rootexploit082203.html