Real Networks RealAudio缓冲区溢出漏洞
Real Networks RealAudio缓冲区溢出漏洞
发布日期:2012-12-14
更新日期:2012-12-18
受影响系统:
Real Networks RealPlayer 15.x
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 56956
CVE(CAN) ID: CVE-2012-5691
RealPlayer是网上收听收看实时音频、视频和Flash的工具。
RealPlayer 15.0.6.14及之前版本在处理RealAudio文件时存在错误,可造成引用缓冲区溢出,导致控制用户系统。
<*来源:Senator
suto
链接:http://secunia.com/advisories/51589/
http://service.real.com/realplayer/security/12142012_player/en/
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Real Networks
-------------
Real Networks已经为此发布了一个安全公告(12142012_player)以及相应补丁:
12142012_player:RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.
链接:http://service.real.com/realplayer/security/12142012_player/en/
评论暂时关闭