BetaONE will rise again!

BetaONE will rise again! (http:\\b1.hcanet.com\forum/index.php)
-   NeoWin News (http:\\b1.hcanet.com\forum/forumdisplay.php?f=6)
-   -   RealPlayer Zipped Skin File Buffer Overflow (http:\\b1.hcanet.com\forum/showthread.php?t=14169)

NewsBot 28th Oct 04 12:00 PM

RealPlayer Zipped Skin File Buffer Overflow
 
eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the player is running.

A RealPlayer skin file (.rjs extension) can be downloaded and applied automatically through a web browser without the user's permission. A skin file is a bundle of graphics and a .ini file, stored together in ZIP format. DUNZIP32.DLL, which is included with RealPlayer, is used to extract the contents of the skin file. When an .rjs file containing a long file name (greater than around 0x8000 bytes) is opened, either in RealPlayer or through a web browser, a stack based buffer overflow occurs, allowing an exception handler record to be overwritten and EIP to be hijacked.

News source: Neowin
Full story: View Here


All times are GMT +1. The time now is 06:00 AM.

Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.