Searching smil software vulnerabilities

Multiple buffer overflows in RealOne and RealPl

RealPlayer | arbitrary | overflows | attackers | Multiple | execute | RealOne | buffer | remote | allow | code | via |

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename.


RealOne player allows remote attackers to execu

demonstrated | presentation | references | previously | arbitrary | scripting | attackers | Computer" | executed | security | protocol | RealOne | execute | context | script | remote | allows | player | loaded | using | which | zone | SMIL | "My | URL | via |

RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.


Multiple buffer overflows in RealOne Player, Re

Enterprise | RealPlayer | attackers | malformed | overflows | arbitrary | Multiple | execute | RealOne | Desktop | Player | buffer | remote | allow | code | via |

Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files.


Integer overflow in pnen3260.dll in RealPlayer

pnen3260dll | RealPlayer | overflow | through | Integer |

Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.


RealOne player 6.0.11.868 allows remote attacke

RealOne | player |

RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.


Stack-based buffer overflow in the CSmil1Parser

Stack-based | overflow | buffer |

Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.


Heap-based buffer overflow in rtffplin.cpp in R

rtffplincpp | RealPlayer | Heap-based | overflow | buffer |

Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file.


Multiple buffer overflows in ArcSoft MMS Compos

overflows | Multiple | Composer | ArcSoft | buffer | MMS |

Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers.


Integer overflow in Apple Quicktime before 7.2

Quicktime | overflow | Integer | before | Apple | Mac |

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.


Software vulnerabilities results 1 to 10 of 10     
Page: 1