FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

realplayer -- arbitrary file deletion and other vulnerabilities

Affected packages
linux-realplayer < 10.0.2

Details

VuXML ID 02274fd9-6bc5-11d9-8edb-000a95bc6fae
Discovery 2004-10-06
Entry 2005-01-21

An NGSSoftware Insight Security Research Advisory reports:

Two vulnerabilities have been discovered in RealPlayer which may potentially be leveraged to allow remote code execution, or may used in combination with the Real Metadata Package File Deletion vulnerability to reliably delete files from a users system.

References

URL http://service.real.com/help/faq/security/040928_player/EN/
URL http://www.ngssoftware.com/advisories/real-02full.txt
URL http://www.ngssoftware.com/advisories/real-03full.txt