1. Home
  2. CVE Database
  3. CVE-2005-2629
MEDIUM · 5.1

CVE-2005-2629

Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value ...

Vulnerability Description

Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.

CVSS Score

5.1

MEDIUM

AV:N/AC:H/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
RealnetworksHelix Player1.0
RealnetworksRealone Player1.0
RealnetworksRealplayerAll versions

References

FAQ

What is CVE-2005-2629?

CVE-2005-2629 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value ...

How severe is CVE-2005-2629?

CVE-2005-2629 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2629?

Check the references section above for vendor advisories and patch information. Affected products include: Realnetworks Helix Player, Realnetworks Realone Player, Realnetworks Realplayer.