CVE-2007-2264

Impact:
Critical
Public Date:
2007-10-25
Bugzilla:
353691: CVE-2007-2264 realplayer ram file heap overflow

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.

Find out more about CVE-2007-2264 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue was fixed in RealPlayer for Red Hat Enterprise Linux 3 Extras, 4 Extras, 5 Supplementary by RHSA-2007:0841 on 17th August 2007:
https://rhn.redhat.com/errata/RHSA-2007-0841.html

(Our original advisory did not mention this issue was fixed as the details of the issue were not made public by RealNetworks until 25th October 2007)

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 4 Extras RHSA-2007:0841 2007-08-17
Red Hat Enterprise Linux Supplementary 5 RHSA-2007:0841 2007-08-17
Red Hat Enterprise Linux AS version 3 Extras (realplayer) RHSA-2007:0841 2007-08-17

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.