Back to search
CVE-2007-3410
Published: Jun 26, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://service.real.com/realplayer/security/10252007_player/en/
x_refsource_CONFIRM
oval:org.mitre.oval:def:10554
vdb-entry
signature
x_refsource_OVAL
20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
26463
third-party-advisory
x_refsource_SECUNIA
GLSA-200709-05
vendor-advisory
x_refsource_GENTOO
24658
vdb-entry
x_refsource_BID
ADV-2007-2339
vdb-entry
x_refsource_VUPEN
realplayer-smiltime-wallclockvalue-bo(35088)
vdb-entry
x_refsource_XF
RHSA-2007:0841
vendor-advisory
x_refsource_REDHAT
26828
third-party-advisory
x_refsource_SECUNIA
38342
vdb-entry
x_refsource_OSVDB
VU#770904
third-party-advisory
x_refsource_CERT-VN
RHSA-2007:0605
vendor-advisory
x_refsource_REDHAT
25859
third-party-advisory
x_refsource_SECUNIA
37374
vdb-entry
x_refsource_OSVDB
20071030 RealPlayer Updates of October 25, 2007
mailing-list
x_refsource_VIM
ADV-2007-3628
vdb-entry
x_refsource_VUPEN
25819
third-party-advisory
x_refsource_SECUNIA
1018297
vdb-entry
x_refsource_SECTRACK
27361
third-party-advisory
x_refsource_SECUNIA
1018299
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now