CVE-2006-0323
CVE-2006-0323
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/1622unverifiedexploitdbwww.exploit-db.com/exploits/27460unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/19358http://secunia.com/advisories/19362http://secunia.com/advisories/19365http://secunia.com/advisories/19390http://securityreason.com/securityalert/690http://securitytracker.com/id?1015806https://exchange.xforce.ibmcloud.com/vulnerabilities/25408http://www.gentoo.org/security/en/glsa/glsa-200603-24.xmlhttp://www.kb.cert.org/vuls/id/231028http://www.novell.com/linux/security/advisories/2006_18_realplayer.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0257.htmlhttp://www.securityfocus.com/archive/1/430621/100/0/threaded