CVE-2005-2629

NameCVE-2005-2629
DescriptionInteger overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-915-1
NVD severitymedium (attack range: remote)
Debian Bugs340270

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
helix-playersource(unstable)1.0.6-1medium340270
helix-playersourcesarge1.0.4-1sarge2mediumDSA-915-1

Search for package or bug name: Reporting problems