CVE-2005-0455

Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.

Affected Software

Name	Vendor	Start Version	End Version
Realone_player	Realnetworks	1.0 (including)	1.0 (including)
Realone_player	Realnetworks	2.0 (including)	2.0 (including)
Realplayer	Realnetworks	8.0 (including)	8.0 (including)
Realplayer	Realnetworks	10.0 (including)	10.0 (including)
Realplayer	Realnetworks	10.0_6.0.12.690 (including)	10.0_6.0.12.690 (including)
Realplayer	Realnetworks	10.0_beta (including)	10.0_beta (including)
Realplayer	Realnetworks	10.5 (including)	10.5 (including)
Realplayer	Realnetworks	10.5_6.0.12.1016_beta (including)	10.5_6.0.12.1016_beta (including)
Realplayer	Realnetworks	10.5_6.0.12.1040 (including)	10.5_6.0.12.1040 (including)
Realplayer	Realnetworks	10.5_6.0.12.1053 (including)	10.5_6.0.12.1053 (including)
Red Hat Desktop version 3 Extras	RedHat		*
Red Hat Desktop version 4 Extras	RedHat		*
Red Hat Enterprise Linux 4	RedHat	HelixPlayer-1:1.0.3-1	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0455
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References