CVE-2005-0755
CVSS 5.1
Published: 2005-04-19 00:00:00
Revised: 2016-10-17 23:14:11

[Original] Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.


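[CNNVD] RealNetworks RealPlayer Enterprise Unspecified RAM File Processing Overflow Vulnerability (CNNVD-200504-075)

        RealNetworks RealPlayer Enterprise is a very popular media player that supports many media formats.
        RealNetworks RealPlayer Enterprise contains an unspecified buffer overflow vulnerability that an attacker may exploit to execute arbitrary instructions on the user's machine.
        The vulnerability is triggered when a user processes a malformed RAM file with the player. A remote attacker can exploit it to execute arbitrary code with the privileges of the user running a vulnerable version of the player.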

- CVSS (Base Score)

CVSS score: 5.1 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected Platforms and Products)

cpe:/a:realnetworks:realplayer:10.0::german
cpe:/a:realnetworks:realplayer:8.0
cpe:/a:realnetworks:realplayer:8.0::win32
cpe:/a:realnetworks:realplayer:8.0::unix
cpe:/a:realnetworks:realone_player:1.0
cpe:/a:realnetworks:realplayer:10.0 (RealNetworks RealPlayer 10.0)
cpe:/a:realnetworks:realplayer:10.0:::japanese
cpe:/a:realnetworks:realplayer:8.0::mac_os
cpe:/a:realnetworks:realone_player:2.0
cpe:/a:realnetworks:realplayer:10.0_beta
cpe:/a:realnetworks:realplayer:10.0_6.0.12.690
cpe:/a:realnetworks:realplayer:10.0:::english
cpe:/a:realnetworks:helix_player:10.0.3

- OVAL (Technical Details for Detection)

oval:org.mitre.oval:def:11205 Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to...
*OVAL describes in detail how to detect this vulnerability; more technical detail on detection can be found in the related OVAL definition.

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0755
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0755
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200504-075
(Official data source) CNNVD

- Other Links and Resources

http://marc.info/?l=bugtraq&m=111401615202987&w=2
(UNKNOWN)  BUGTRAQ  20050420 RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow
http://pb.specialised.info/all/adv/real-ram-adv.txt
(VENDOR_ADVISORY)  MISC  http://pb.specialised.info/all/adv/real-ram-adv.txt
http://service.real.com/help/faq/security/050419_player/EN/
(VENDOR_ADVISORY)  CONFIRM  http://service.real.com/help/faq/security/050419_player/EN/
http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00040.html
(VENDOR_ADVISORY)  FEDORA  FEDORA-2005-329
http://www.redhat.com/support/errata/RHSA-2005-363.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:363
http://www.redhat.com/support/errata/RHSA-2005-392.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:392
http://www.redhat.com/support/errata/RHSA-2005-394.html
(UNKNOWN)  REDHAT  RHSA-2005:394

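- Vulnerability Information

RealNetworks RealPlayer Enterprise Unspecified RAM File Processing Overflow Vulnerability
Medium severity  Buffer overflow
2005-04-19 00:00:00 2006-01-05 00:00:00
Remote  
        RealNetworks RealPlayer Enterprise is a very popular media player that supports many media formats.
        RealNetworks RealPlayer Enterprise contains an unspecified buffer overflow vulnerability that an attacker may exploit to execute arbitrary instructions on the user's machine.
        The vulnerability is triggered when a user processes a malformed RAM file with the player. A remote attacker can exploit it to execute arbitrary code with the privileges of the user running a vulnerable version of the player.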

- Advisories and Patches

        The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site:
        http://docs.real.com/docs/pnen3260.dll

- Vulnerability Information

15710
RealPlayer RAM File Processing Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability Description

A remote overflow exists in RealPlayer. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted RAM file containing an overly long hostname, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

- Timeline

2005-04-20 Unknown
2005-04-20 Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, RealNetworks has released a patch to address this vulnerability.

- Vulnerability Information

RealNetworks RealPlayer Enterprise RAM File Parsing Buffer Overflow Vulnerability
Boundary Condition Error 13264
Yes No
2005-04-19 12:00:00 2009-07-12 02:06:00
Piotr Bania <bania.piotr@gmail.com> is credited with the discovery of this issue.

- Affected Program Versions

RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 3
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 3
Real Networks RealPlayer For Unix 10.0.3
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2
Real Networks RealPlayer Enterprise 1.7
Real Networks RealPlayer Enterprise 1.6
Real Networks RealPlayer Enterprise 1.5
Real Networks RealPlayer Enterprise 1.2
Real Networks RealPlayer Enterprise 1.1
Real Networks RealPlayer Enterprise
Real Networks RealPlayer 10 for Mac OS 10.0.0.325
Real Networks RealPlayer 10 for Mac OS 10.0.0.305
Real Networks RealPlayer 10 for Mac OS
Real Networks RealPlayer 10 for Linux
Real Networks RealPlayer 10.5 v6.0.12.1056
Real Networks RealPlayer 10.5 v6.0.12.1053
Real Networks RealPlayer 10.5 v6.0.12.1040
Real Networks RealPlayer 10.0
+ S.u.S.E. cvsup-16.1h-43.i586.rpm
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2
Real Networks RealPlayer 8.0 Win32
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98 SP1
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Real Networks RealPlayer 8.0 Unix
- Caldera OpenLinux Workstation 3.1
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 alpha
- HP HP-UX 11.11
- HP HP-UX 11.0
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- IBM AIX 4.2.1
- IBM AIX 4.2
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- RedHat Linux 7.2 i386
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 i386
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
+ S.u.S.E. Linux 8.1
- S.u.S.E. Linux 7.2 i386
- S.u.S.E. Linux 7.1 x86
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux Desktop 1.0
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
- SCO eDesktop 2.4
- SGI IRIX 6.5.14
- SGI IRIX 6.5.13 m
- SGI IRIX 6.5.13 f
- SGI IRIX 6.5.13
- SGI IRIX 6.5.12 m
- SGI IRIX 6.5.12 f
- SGI IRIX 6.5.12
- SGI IRIX 6.5.11 m
- SGI IRIX 6.5.11 f
- SGI IRIX 6.5.11
- SGI IRIX 6.3
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 7.0
- Sun Solaris 2.6
Real Networks RealPlayer 8.0 Mac
Real Networks RealOne Player for OSX 9.0 .297
Real Networks RealOne Player for OSX 9.0 .288
Real Networks RealOne Player 6.0.11 .872
Real Networks RealOne Player 6.0.11 .868
Real Networks RealOne Player 6.0.11 .853
Real Networks RealOne Player 6.0.11 .840
Real Networks RealOne Player 6.0.11 .830
Real Networks RealOne Player 6.0.11 .818
Real Networks RealOne Player 1.0
Real Networks Helix Player for Linux 1.0.3
+ Gentoo Linux
+ Red Hat Fedora Core3
Real Networks Helix Player for Linux 1.0.2
+ Red Hat Enterprise Linux AS 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
Real Networks Helix Player for Linux 1.0.1
Real Networks Helix Player for Linux 1.0
Real Networks RealPlayer For Unix 10.0.4
+ Red Hat Enterprise Linux AS 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2
Real Networks RealPlayer 10 for Mac OS 10.0 .0.331
Real Networks RealPlayer 10.5 v6.0.12.1059
Real Networks Helix Player for Linux 1.0.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Fedora Core3
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4

- Unaffected Program Versions

Real Networks RealPlayer For Unix 10.0.4
+ Red Hat Enterprise Linux AS 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2
Real Networks RealPlayer 10 for Mac OS 10.0 .0.331
Real Networks RealPlayer 10.5 v6.0.12.1059
Real Networks Helix Player for Linux 1.0.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Fedora Core3
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4

- Vulnerability Discussion

RealNetworks RealPlayer Enterprise is reported prone to a buffer overflow vulnerability. It is reported that the issue manifests when a malicious RAM file is parsed.

A remote attacker may exploit this vulnerability to execute arbitrary code in the context of a user that uses a vulnerable version of the media player to load a malicious RAM file.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

The vendor has released a fix to address this vulnerability:

SuSE Linux has made advisory SUSE-SA:2005:026 available along with fixes dealing with this issue.

RedHat Fedora has released an advisory FEDORA-2005-330 dealing with this issue. Please see the reference section for more information.

Red Hat has released advisories RHSA-2005:363-09 and RHSA-2005:392-06 dealing with this issue in their RealPlayer and Helix Player packages respectively along with fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

Gentoo has released advisory GLSA 200504-21 to address this issue. Gentoo fixes may be applied by running the following commands as the superuser:
emerge --sync
emerge --ask --oneshot --verbose ">=media-video/helixplayer-1.0.4"


Real Networks RealPlayer Enterprise

Real Networks Helix Player for Linux 1.0.1

Real Networks RealPlayer Enterprise 1.1

Real Networks RealPlayer Enterprise 1.2

Real Networks RealPlayer Enterprise 1.5

Real Networks RealPlayer Enterprise 1.6

Real Networks RealPlayer Enterprise 1.7

Real Networks RealPlayer 10.0

Real Networks RealPlayer For Unix 10.0.3
