Vulnerability Name:

CVE-2005-0455 (CCN-19550)

Assigned:2005-02-24
Published:2005-02-24
Updated:2017-10-11
Summary:Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-0455

Source: CCN
Type: RHSA-2005-265
RealPlayer security update

Source: CCN
Type: RHSA-2005-271
HelixPlayer security update

Source: CCN
Type: RHSA-2005-299
realplayer security update

Source: CONFIRM
Type: Patch, Vendor Advisory
http://service.real.com/help/faq/security/050224_player

Source: CCN
Type: RealPlayer Customer Support Web page
RealNetworks, Inc. Releases Update to Address Security Vulnerabilities

Source: CCN
Type: RealNetworks Customer Support Web page
Security Patch Update For Realplayer Enterprise

Source: CCN
Type: CIAC INFORMATION BULLETIN P-152
RealNetworks Security Vulnerabilities

Source: IDEFENSE
Type: Patch, Vendor Advisory
20050301 RealNetworks RealPlayer .smil Buffer Overflow Vulnerability

Source: CCN
Type: iDEFENSE Security Advisory 03.01.05
RealNetworks RealPlayer .smil Buffer Overflow Vulnerability

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:265

Source: REDHAT
Type: UNKNOWN
RHSA-2005:271

Source: CCN
Type: BID-12698
RealNetworks RealOne Player/RealPlayer SMIL File Remote Stack Based Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
realplayer-smil-bo(19550)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10926

Source: CCN
Type: Helix Player Community Download Web page
Player Downloads

Source: SUSE
Type: SUSE-SA:2005:014
RealPlayer: remote buffer overflow

Vulnerable Configuration:Configuration 1:
  • cpe:/a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0_6.0.12.690:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.0_beta:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*
  • OR cpe:/a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20050455
    V
    		CVE-2005-0455
    2015-11-16
    oval:org.mitre.oval:def:10926
    V
    		Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
    2013-04-29
    oval:com.redhat.rhsa:def:20050271
    P
    		RHSA-2005:271: HelixPlayer security update (Critical)
    2005-03-03
    BACK
    realnetworks realone player 1.0
    realnetworks realone player 2.0
    realnetworks realplayer 8.0
    realnetworks realplayer 8.0
    realnetworks realplayer 10.0
    realnetworks realplayer 10.0_6.0.12.690
    realnetworks realplayer 10.0_beta
    realnetworks realplayer 10.5
    realnetworks realplayer 10.5_6.0.12.1016_beta
    realnetworks realplayer 10.5_6.0.12.1040
    realnetworks realplayer 10.5_6.0.12.1053