Overview
Helix Player, and media players based on the Helix Player, contain a format string vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
Helix Player is used to play various types of media files on UNIX systems. The Helix Media Player contains a format string vulnerability in the routines that handle media files. A remote attacker can exploit this vulnerability by persuading a user to access a specially crafted media file, such as a realpix (*.rp) or realtext (*.rt) file. In addition, web browsers can be configured to automatically launch the Helix Player when media content is encountered, thus an attack may be triggered by visiting a malicious website. This issue also affects media players based on the Helix Player, including Real Player for Linux systems. Note there is publicly available exploit code for this vulnerability. |
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the Helix Media Player process. |
Solution
Upgrade This vulnerability was corrected in Helix Player 1.0.6 and Real Player 10 for Linux. |
Do not access media files from untrusted sources
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- https://player.helixcommunity.org/2005/releases/hx1gold/HX1_0_6ReleaseNotes.html
- http://service.real.com/help/faq/security/050930_player/EN/
- http://www.redhat.com/support/errata/RHSA-2005-788.html
- http://secunia.com/advisories/16954/
- http://secunia.com/advisories/16961/
- http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities&flashstatus=true
Acknowledgements
This vulnerability was reported by c0ntexb.
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | CVE-2005-2710 |
| Severity Metric: | 12.58 |
| Date Public: | 2005-09-26 |
| Date First Published: | 2005-09-28 |
| Date Last Updated: | 2005-10-04 19:46 UTC |
| Document Revision: | 54 |