[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Realplayer Watchfolders Long Filepath Overflow
- To: "'full-disclosure'" <full-disclosure@xxxxxxxxxxxxxxxxx>, "'bugtraq'" <bugtraq@xxxxxxxxxxxxxxxxx>, <secalert@xxxxxxxxxxxxxxxxxx>, <bugs@xxxxxxxxxxxxxxxxxxx>, <vuln@xxxxxxxxxxxxxxxx>, <news@xxxxxxxxxxxxxx>, <moderators@xxxxxxxxx>, <submissions@xxxxxxxxxxxxxxxxxxxxxxx>, <submit@xxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Realplayer Watchfolders Long Filepath Overflow
- From: "Joseph Sheridan" <joe@xxxxxxxxxxxxxx>
- Date: Fri, 26 Oct 2012 12:48:26 +0100
Realplayer Watchfolders Long Filepath Overflow
Realplayer is vulnerable to a stack buffer overflow vulnerability in the 'Watch
Folders' facility (CVE-2012-4987).
Details here:
http://www.reactionpenetrationtesting.co.uk/realplayer-watchfolders.html
Research:
http://www.reactionpenetrationtesting.co.uk/research.html
Homepage:
http://www.reactionpenetrationtesting.co.uk/
Joseph Sheridan
Director
CHECK Team Leader, CREST Infrastructure, CREST Application, CISSP
Tel: 07812052515
Web: www.reactionis.co.uk
Email: joe@xxxxxxxxxxxxxxxx
Reaction Information Security Limited.
Registered in England No: 6929383
Registered Office: 1, The Mews, 69 New Dover Road, Canterbury, CT1 3DZ
This email and any files transmitted with it are confidential and are intended
solely for the use of the individual to whom they are addressed. If you are not
the intended recipient please notify the sender. Any unauthorised dissemination
or copying of this email or its attachments and any use or disclosure of any
information contained in them, is strictly prohibited.
Please consider the environment before printing this email
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/