CVE-2005-1766 | Vulnerability Database | Aqua Security

Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file.

Affected Software

Name	Vendor	Start Version	End Version
Realplayer	Realnetworks	*	10.0.5 (including)
Red Hat Desktop version 3 Extras	RedHat		*
Red Hat Desktop version 4 Extras	RedHat		*
Red Hat Enterprise Linux 4	RedHat	HelixPlayer-1:1.0.5-0.EL4.1	*
Helix-player	Ubuntu	dapper	*
Helix-player	Ubuntu	devel	*
Helix-player	Ubuntu	edgy	*
Helix-player	Ubuntu	feisty	*

References

http://secunia.com/advisories/16981
http://service.real.com/help/faq/security/050623_player/EN/
http://www.debian.org/security/2005/dsa-826
http://www.idefense.com/application/poi/display?id=250\u0026type=vulnerabilities\u0026flashstatus=true
http://www.novell.com/linux/security/advisories/2005_37_real_player.html
http://www.redhat.com/support/errata/RHSA-2005-517.html
http://www.redhat.com/support/errata/RHSA-2005-523.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9509
http://secunia.com/advisories/16981
http://service.real.com/help/faq/security/050623_player/EN/
http://www.debian.org/security/2005/dsa-826
http://www.idefense.com/application/poi/display?id=250\u0026type=vulnerabilities\u0026flashstatus=true
http://www.novell.com/linux/security/advisories/2005_37_real_player.html
http://www.redhat.com/support/errata/RHSA-2005-517.html
http://www.redhat.com/support/errata/RHSA-2005-523.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9509

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-1766
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html