Family: Debian Local Security Checks --> Category: infos
[DSA826] DSA-826-1 helix-player Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Multiple security vulnerabilities have been identified in the
helix-player media player that could allow a possible hacker to execute code
on the victim's machine via specially crafted network resources.
Buffer overflow in the RealText parser could allow remote code
execution via a specially crafted RealMedia file with a long
Format string vulnerability in Real HelixPlayer and RealPlayer 10
allows remote attackers to execute arbitrary code via the image
handle attribute in a RealPix (.rp) or RealText (.rt) file.
For the stable distribution (sarge), these problems have been fixed in
For the unstable distribution (sid), these problems have been fixed in
We recommend that you upgrade your helix-player package.
helix-player was distributed only on the i386 and powerpc architectures
Solution : http://www.debian.org/security/2005/dsa-826
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.