CVE-2007-2263

Impact:
Critical
Public Date:
2007-10-25
Bugzilla:
353671: CVE-2007-2263 realplayer swf file (flash media) heap overflow

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.

Find out more about CVE-2007-2263 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue was fixed in RealPlayer for Red Hat Enterprise Linux 3 Extras, 4 Extras, 5 Supplementary by RHSA-2007:0841 on 17th August 2007:
https://rhn.redhat.com/errata/RHSA-2007-0841.html

(Our original advisory did not mention this issue was fixed as the details of the issue were not made public by RealNetworks until 25th October 2007)

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 4 Extras RHSA-2007:0841 2007-08-17
Red Hat Enterprise Linux Supplementary 5 RHSA-2007:0841 2007-08-17
Red Hat Enterprise Linux AS version 3 Extras (realplayer) RHSA-2007:0841 2007-08-17
Last Modified

CVE description copyright © 2017, The MITRE Corporation