CVE-2005-0347

Properties

Published:
01.05.2005
Updated:
05.01.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
RealNetworks: RealArcade

Vulnerability description

Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow.

References:

BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
SECUNIA: http://secunia.com/advisories/14187/
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
XF: http://xforce.iss.net/xforce/xfdb/19259
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
SECTRACK: http://securitytracker.com/id?1013128