[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability

To: "zdi-disclosures@xxxxxxxx" <zdi-disclosures@xxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability
From: reepex <reepex@xxxxxxxxx>
Date: Wed, 31 Oct 2007 22:57:36 -0500

user interaction on a random file format? haven't we been over this
types of bugs?

This pool of zdi bugs is almost more laughable then idefense's aix spam flood

On 10/31/07, zdi-disclosures@xxxxxxxx <zdi-disclosures@xxxxxxxx> wrote:
> This vulnerability allows remote attackers to execute code on vulnerable
> installations of RealPlayer.  User interaction is required in that a
> user must open a malicious .ra/.ram file or visit a malicious web
> site.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability
  - From: zdi-disclosures

Prev by Date: Re: [Full-disclosure] ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
Next by Date: Re: [Full-disclosure] spammer wades into US Presidential race
Previous by thread: [Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability
Next by thread: [Full-disclosure] ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability
Index(es):
- Date
- Thread