First published: Mon Aug 30 2010(Updated: )
Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Realnetworks Realplayer | =11.0 | |
Realnetworks Realplayer | =11.1 | |
Microsoft Windows | ||
Realnetworks Realplayer Sp | =1.0.0 | |
Realnetworks Realplayer Sp | =1.0.1 | |
Realnetworks Realplayer Sp | =1.0.2 | |
Realnetworks Realplayer Sp | =1.0.5 | |
Realnetworks Realplayer Sp | =1.1 | |
Realnetworks Realplayer Sp | =1.1.1 | |
Realnetworks Realplayer Sp | =1.1.2 | |
Realnetworks Realplayer Sp | =1.1.3 | |
Realnetworks Realplayer Sp | =1.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.