Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Helix_player | Realnetworks | * | * |
| Realplayer | Realnetworks | 10.0 (including) | 10.0 (including) |
| Red Hat Desktop version 3 Extras | RedHat | * | |
| Red Hat Desktop version 4 Extras | RedHat | * | |
| Red Hat Enterprise Linux 4 | RedHat | HelixPlayer-1:1.0.6-0.EL4.1 | * |