FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-02 08:34:31 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f762ccbb-baed-11dc-a302-000102cc8983	linux-realplayer -- multiple vulnerabilities Secunia reports: Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system. An input validation error when processing .RA/.RAM files can be exploited to cause a heap corruption via a specially crafted .RA/.RAM file with an overly large size field in the header. An error in the processing of .PLS files can be exploited to cause a memory corruption and execute arbitrary code via a specially crafted .PLS file. An input validation error when parsing .SWF files can be exploited to cause a buffer overflow via a specially crafted .SWF file with malformed record headers. A boundary error when processing rm files can be exploited to cause a buffer overflow. Discovery 2007-10-25 Entry 2008-01-04 linux-realplayer >= 10.0.5 lt 10.0.9.809.20070726 CVE-2007-5081 CVE-2007-3410 CVE-2007-2263 CVE-2007-2264 http://secunia.com/advisories/27361 http://service.real.com/realplayer/security/10252007_player/en/ http://www.zerodayinitiative.com/advisories/ZDI-07-063.html http://www.zerodayinitiative.com/advisories/ZDI-07-062.html http://www.zerodayinitiative.com/advisories/ZDI-07-061.html http://secunia.com/advisories/25819/ 759385

VuXML ID

Description

f762ccbb-baed-11dc-a302-000102cc8983

linux-realplayer -- multiple vulnerabilities

Secunia reports:

Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system.

An input validation error when processing .RA/.RAM files can be exploited to cause a heap corruption via a specially crafted .RA/.RAM file with an overly large size field in the header.

An error in the processing of .PLS files can be exploited to cause a memory corruption and execute arbitrary code via a specially crafted .PLS file.

An input validation error when parsing .SWF files can be exploited to cause a buffer overflow via a specially crafted .SWF file with malformed record headers.

A boundary error when processing rm files can be exploited to cause a buffer overflow.

Discovery 2007-10-25
Entry 2008-01-04
linux-realplayer

>= 10.0.5 lt 10.0.9.809.20070726

CVE-2007-5081
CVE-2007-3410
CVE-2007-2263
CVE-2007-2264
http://secunia.com/advisories/27361
http://service.real.com/realplayer/security/10252007_player/en/
http://www.zerodayinitiative.com/advisories/ZDI-07-063.html
http://www.zerodayinitiative.com/advisories/ZDI-07-062.html
http://www.zerodayinitiative.com/advisories/ZDI-07-061.html
http://secunia.com/advisories/25819/
759385