FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  368515
Date:      2014-09-18
Time:      19:53:09Z
Committer: madpilot

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
95ee96f2-e488-11d9-bf22-080020c11455linux-realplayer -- RealText parsing heap overflow

An iDEFENSE Security Advisory reports:

Remote exploitation of a heap-based buffer overflow vulnerability in the RealText file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code.


Discovery 2005-06-23
Entry 2005-06-24
linux-realplayer
le 10.0.4_1

CVE-2005-1277
http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities&flashstatus=false
http://service.real.com/help/faq/security/050623_player/EN/
fe4c84fc-bdb5-11da-b7d4-00123ffe8333linux-realplayer -- heap overflow

iDefense Reports:

Remote exploitation of a heap-based buffer overflow in RealNetwork Inc's RealPlayer could allow the execution of arbitrary code in the context of the currently logged in user.

In order to exploit this vulnerability, an attacker would need to entice a user to follow a link to a malicious server. Once the user visits a website under the control of an attacker, it is possible in a default install of RealPlayer to force a web-browser to use RealPlayer to connect to an arbitrary server, even when it is not the default application for handling those types, by the use of embedded object tags in a webpage. This may allow automated exploitation when the page is viewed.


Discovery 2006-03-23
Entry 2006-03-27
linux-realplayer
ge 10.0.1 lt 10.0.6

CVE-2005-2922
http://service.real.com/realplayer/security/03162006_player/en/
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=404
http://secunia.com/advisories/19358/
fe4c84fc-bdb5-11da-b7d4-00123ffe8333linux-realplayer -- heap overflow

iDefense Reports:

Remote exploitation of a heap-based buffer overflow in RealNetwork Inc's RealPlayer could allow the execution of arbitrary code in the context of the currently logged in user.

In order to exploit this vulnerability, an attacker would need to entice a user to follow a link to a malicious server. Once the user visits a website under the control of an attacker, it is possible in a default install of RealPlayer to force a web-browser to use RealPlayer to connect to an arbitrary server, even when it is not the default application for handling those types, by the use of embedded object tags in a webpage. This may allow automated exploitation when the page is viewed.


Discovery 2006-03-23
Entry 2006-03-27
linux-realplayer
ge 10.0.1 lt 10.0.6

CVE-2005-2922
http://service.real.com/realplayer/security/03162006_player/en/
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=404
http://secunia.com/advisories/19358/
95ee96f2-e488-11d9-bf22-080020c11455linux-realplayer -- RealText parsing heap overflow

An iDEFENSE Security Advisory reports:

Remote exploitation of a heap-based buffer overflow vulnerability in the RealText file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code.


Discovery 2005-06-23
Entry 2005-06-24
linux-realplayer
le 10.0.4_1

CVE-2005-1277
http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities&flashstatus=false
http://service.real.com/help/faq/security/050623_player/EN/
25858c37-bdab-11da-b7d4-00123ffe8333linux-realplayer -- buffer overrun

Secunia Advisories Reports:

A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.


Discovery 2006-03-23
Entry 2006-03-27
linux-realplayer
ge 10.0.1 lt 10.0.7.785.20060201

CVE-2006-0323
http://service.real.com/realplayer/security/03162006_player/en/
http://secunia.com/advisories/19358/
25858c37-bdab-11da-b7d4-00123ffe8333linux-realplayer -- buffer overrun

Secunia Advisories Reports:

A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.


Discovery 2006-03-23
Entry 2006-03-27
linux-realplayer
ge 10.0.1 lt 10.0.7.785.20060201

CVE-2006-0323
http://service.real.com/realplayer/security/03162006_player/en/
http://secunia.com/advisories/19358/