RealNetworks RealPlayer PNG Deflate Heap Corruption Vulnerability

Bugtraq ID: 7177
Class: Boundary Condition Error
CVE: CVE-2003-0141
Remote: Yes
Local: Yes
Published: Mar 28 2003 12:00AM
Updated: Jul 11 2009 09:06PM
Credit: Discovery is credited to Juliano Rizzo, Agustin Azubel Friedman, Bruno Acselrad and Carlos Sarraute from Core Security Technologies.
Vulnerable: RealNetworks RealPlayer 8.0 Win32
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98 SP1
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
RealNetworks RealPlayer 8.0 Unix
- Caldera OpenLinux Workstation 3.1
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 alpha
- HP HP-UX 11.11
- HP HP-UX 11.0
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- IBM AIX 4.2.1
- IBM AIX 4.2
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Redhat Linux 7.2 i386
- Redhat Linux 7.1 i386
- Redhat Linux 7.0 i386
- Redhat Linux 6.2 sparc
- Redhat Linux 6.2 i386
- Redhat Linux 6.2 alpha
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
- SCO eDesktop 2.4
- SGI IRIX 6.5.14
- SGI IRIX 6.5.13 m
- SGI IRIX 6.5.13 f
- SGI IRIX 6.5.13
- SGI IRIX 6.5.12 m
- SGI IRIX 6.5.12 f
- SGI IRIX 6.5.12
- SGI IRIX 6.5.11 m
- SGI IRIX 6.5.11 f
- SGI IRIX 6.5.11
- SGI IRIX 6.3
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 7.0
- Sun Solaris 2.6
+ SuSE Linux 8.1
- SuSE Linux 7.2 i386
- SuSE Linux 7.1 x86
- SuSE Linux 7.1
- SuSE Linux 7.0 i386
+ SuSE Linux Desktop 1.0
RealNetworks RealPlayer 8.0 Mac
RealNetworks RealOne Player Gold for Windows 6.0.10 .505
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 95 SR2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
RealNetworks RealOne Player for OSX 9.0 .297
RealNetworks RealOne Player for OSX 9.0 .288
RealNetworks RealOne Player 6.0.11 .853
RealNetworks RealOne Player 6.0.11 .841
RealNetworks RealOne Player 6.0.11 .830
RealNetworks RealOne Player 6.0.11 .818
RealNetworks RealOne Player 2.0
RealNetworks RealOne Player
RealNetworks RealOne Enterprise Desktop 6.0.11 .774
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus