REDHAT-BUG-561436: Buffer Overflow

First published: Wed Feb 03 2010(Updated: )

Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2009-4242">CVE-2009-4242</a> to the following vulnerability: Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. References: <a href="http://service.real.com/realplayer/security/01192010_player/en/">http://service.real.com/realplayer/security/01192010_player/en/</a> <a href="http://www.zerodayinitiative.com/advisories/ZDI-10-006/">http://www.zerodayinitiative.com/advisories/ZDI-10-006/</a> <a href="http://www.securityfocus.com/archive/1/509096/100/0/threaded">http://www.securityfocus.com/archive/1/509096/100/0/threaded</a> <a href="http://xforce.iss.net/xforce/xfdb/55795">http://xforce.iss.net/xforce/xfdb/55795</a>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/last-modified-date
• agent/first-publish-date
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2009-4242
• agent/severity
• agent/references
• agent/weakness
• agent/description
• agent/event
• agent/source
• agent/softwarecombine
• agent/tags
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/realnetworks
• canonical/realplayer
• canonical/realnetworks helix player linux