[23995] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RealPlayer Buffer Overflow [Sentinel Chicken Networks Security Advisory #01]

daemon@ATHENA.MIT.EDU (tmorgan-security@kavi.com)
Fri Jan 25 15:31:18 2002

Date: Thu, 24 Jan 2002 19:17:41 -0800
From: tmorgan-security@kavi.com
To: bugtraq@securityfocus.com
Message-ID: <20020124191741.B13797@kavi.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hello bugtraq,

There are buffer overflows in RealPlayer's header reading code.  To
my knowledge, no exploit has been developed for it, but it appears
possible.

Since the press already has a hold of it:
  http://www.newsbytes.com/news/02/173936.html

I might as well release this now.  The official advisory can be
found at:
  http://www.sentinelchicken.com/advisories/realplayer/

Real has told me there should be a patch out sometime after noon
tomorrow (Pacific time).

thanks,
tim
(Not a security expert.)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23995] in bugtraq

RealPlayer Buffer Overflow [Sentinel Chicken Networks Security Advisory #01]

daemon@ATHENA.MIT.EDU (tmorgan-security@kavi.com)Fri Jan 25 15:31:18 2002

daemon@ATHENA.MIT.EDU (tmorgan-security@kavi.com)
Fri Jan 25 15:31:18 2002