RealNetworks RealOne Player/RealPlayer Remote R3T文件基于栈的缓冲区溢出漏洞

漏洞信息详情

RealNetworks RealOne Player/RealPlayer Remote R3T文件基于栈的缓冲区溢出漏洞

• CNNVD编号：CNNVD-200406-031
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-0387
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2004-06-01
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-01-05
  
• 厂        商：
  
  realnetworks
• 漏洞来源：
  This issue was dis…

使用于RealPlayer 8， RealOne Player，RealOne Player 10 测试版和RealOne Player企业版的RT3插件存在基于栈的缓冲区溢出漏洞。远程攻击者借助畸形.R3T文件执行任意代码。

Real Networks Inc. has released an advisory and fixes dealing with this issue. Please see the referenced web page for more information and details on obtaining fixes.

来源: XF
名称: realplayer-r3t-bo(15774)
链接:http://xforce.iss.net/xforce/xfdb/15774

来源: www.service.real.com
链接:http://www.service.real.com/help/faq/security/040406_r3t/en/

来源: www.ngssoftware.com
链接:http://www.ngssoftware.com/advisories/realr3t.txt

来源: BUGTRAQ
名称: 20040307 REAL One Player R3T File Format Stack Overflow
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108135350810135&w=2

来源: BID
名称: 10070
链接:http://www.securityfocus.com/bid/10070

来源: OSVDB
名称: 4977
链接:http://www.osvdb.org/displayvuln.php?osvdb_id=4977

来源: SECUNIA
名称: 11314
链接:http://secunia.com/advisories/11314

来源: BUGTRAQ
名称: 20040307 REAL One Player R3T File Format Stack Overflow
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108135350810135&w=2

来源: VULNWATCH
名称: 20040307 REAL One Player R3T File Format Stack Overflow
链接:http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html