CVE-2004-1481
RealPlayer 8-10.5 and RealOne Player 1-2 - Remote Code Execution via SMIL File Chunk Length Overflow
Title source: llmDescription
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.
References (5)
Core 5
Core References
Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11309
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=ntbugtraq&m=109708374115061&w=2
Broken Link x_refsource_confirm
http://www.service.real.com/help/faq/security/040928_player/EN/
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12672
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17549
Scores
EPSS
0.0690
EPSS Percentile
91.5%
Details
Status
published
Products (12)
realnetworks/helix_player
1.0
realnetworks/realone_player
1.0
realnetworks/realone_player
2.0
realnetworks/realone_player
9.0.0.288
realnetworks/realone_player
9.0.0.297
realnetworks/realplayer
realnetworks/realplayer
8.0 (3 CPE variants)
realnetworks/realplayer
10.0 (7 CPE variants)
realnetworks/realplayer
10.0_6.0.12.690
realnetworks/realplayer
10.5
... and 2 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026