Digital media delivery firm RealNetworks
has patched a potentially serious security flaw in RealPlayer and
RealOne, two software products that serve as the hub of the company's
streaming media business.
According to an advisory
from RealNetworks, the vulnerability could allow an attacker to run
arbitrary or malicious code on a user's machine.
The flaw, which is rated "highly critical" by research firm Secunia,
affects RealPlayer 10.5 (prior to build 6.0.12.1056), RealPlayer 10 and
RealOne Player versions 1 and 2.
RealNetworks said it had received no reports of machines compromised
as a result of the vulnerability, which has been patched via the
software's built-in update facility. RealPlayer and RealOne users are
urged to apply the fix from the "Tools > Check for Update" feature.
The company said the buffer overflow was discovered in DUNZIP32.DLL,
a module that offers support for ZIP compressed folders in the Windows shell.
A successful attacker would have to fashion a malicious skin file to cause a buffer
overflow and execute arbitrary code on a customer's machine, RealNetworks said.
eEye Digital Security, which is credited with finding and reporting
the flaw to RealNetworks, first discovered the DUNZIP32.DLL
vulnerability in August this year. eEye said an exploitable buffer
overflow occurs when a user opens a ZIP folder that contains a long file
name (greater than around 0x8000 bytes).
Microsoft released a patch
for the flaw in its October batch of advisories.
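
A defensive check for the condition eEye describes, a ZIP entry whose file name is around 0x8000 bytes or longer, can read the name-length fields straight from the archive headers without extracting anything. The following is an added example, not code from the article, RealNetworks or eEye; the function names are hypothetical, the 0x8000 limit is taken from the article's approximate figure, and the sample archives are constructed in memory.

```python
import io
import struct
import zipfile

NAME_LIMIT = 0x8000  # assumption: the article's approximate threshold
EOCD_SIG, CDH_SIG, LFH_SIG = b"PK\x05\x06", b"PK\x01\x02", b"PK\x03\x04"

def long_name_entries(data: bytes, limit: int = NAME_LIMIT):
    """Return (source, offset, name_length) for every ZIP header whose raw
    file-name-length field is >= limit. Only header fields are read;
    entry contents are never decompressed or extracted."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    count, _cd_size, pos = struct.unpack_from("<HII", data, eocd + 10)
    findings = []
    for _ in range(count):
        if data[pos:pos + 4] != CDH_SIG or pos + 46 > len(data):
            raise ValueError("malformed central directory")
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        (lfh_off,) = struct.unpack_from("<I", data, pos + 42)
        if name_len >= limit:
            findings.append(("central", pos, name_len))
        # The local header carries its own copy of the length; check it too.
        if data[lfh_off:lfh_off + 4] == LFH_SIG and lfh_off + 30 <= len(data):
            (local_len,) = struct.unpack_from("<H", data, lfh_off + 26)
            if local_len >= limit:
                findings.append(("local", lfh_off, local_len))
        pos += 46 + name_len + extra_len + comment_len
    return findings

def make_sample(name_len: int) -> bytes:
    """Constructed test archive: one stored entry with a name of name_len bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("s" * name_len, b"constructed test data")
    return buf.getvalue()

if __name__ == "__main__":
    for n in (12, 0x9000):
        print(hex(n), long_name_entries(make_sample(n)))
```

Run over skin files or other ZIP-based attachments at a mail or web gateway, a non-empty result is a reason to quarantine the file for review.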