CVE - CVE-2007-3410

CVE-ID
CVE-2007-3410	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
IDEFENSE:20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 CONFIRM:http://service.real.com/realplayer/security/10252007_player/en/ GENTOO:GLSA-200709-05 URL:http://security.gentoo.org/glsa/glsa-200709-05.xml REDHAT:RHSA-2007:0605 URL:http://www.redhat.com/support/errata/RHSA-2007-0605.html REDHAT:RHSA-2007:0841 URL:http://www.redhat.com/support/errata/RHSA-2007-0841.html CERT-VN:VU#770904 URL:http://www.kb.cert.org/vuls/id/770904 VIM:20071030 RealPlayer Updates of October 25, 2007 URL:http://www.attrition.org/pipermail/vim/2007-October/001841.html BID:24658 URL:http://www.securityfocus.com/bid/24658 OSVDB:38342 URL:http://osvdb.org/38342 OVAL:oval:org.mitre.oval:def:10554 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554 VUPEN:ADV-2007-2339 URL:http://www.vupen.com/english/advisories/2007/2339 VUPEN:ADV-2007-3628 URL:http://www.vupen.com/english/advisories/2007/3628 OSVDB:37374 URL:http://osvdb.org/37374 SECTRACK:1018297 URL:http://securitytracker.com/id?1018297 SECTRACK:1018299 URL:http://securitytracker.com/id?1018299 SECUNIA:25819 URL:http://secunia.com/advisories/25819 SECUNIA:25859 URL:http://secunia.com/advisories/25859 SECUNIA:26463 URL:http://secunia.com/advisories/26463 SECUNIA:26828 URL:http://secunia.com/advisories/26828 SECUNIA:27361 URL:http://secunia.com/advisories/27361 XF:realplayer-smiltime-wallclockvalue-bo(35088) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35088
Assigning CNA
N/A
Date Entry Created
20070626	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070626)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org