CVE-2005-2052

RealPlayer and RealOne Player - Heap-Based Buffer Overflow via AVI strf Structure

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111955853611840&w=2
Patch, Vendor Advisory x_refsource_confirm
http://service.real.com/help/faq/security/050623_player/EN/

Scores

EPSS 0.0291
EPSS Percentile 86.5%

Details

Status published
Products (7)
realnetworks/realone_player 1.0
realnetworks/realone_player 2.0
realnetworks/realplayer
realnetworks/realplayer 8.0
realnetworks/realplayer 10.0
realnetworks/realplayer 10.5_6.0.12.1040
realnetworks/realplayer 10.5_6.0.12.1069
Published Jun 28, 2005
Tracked Since Feb 18, 2026