[Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability
reepex
reepex at gmail.com
Thu Nov 1 03:57:36 GMT 2007
user interaction on a random file format? haven't we been over this
types of bugs?
This pool of zdi bugs is almost more laughable then idefense's aix spam flood
On 10/31/07, zdi-disclosures at 3com.com <zdi-disclosures at 3com.com> wrote:
> This vulnerability allows remote attackers to execute code on vulnerable
> installations of RealPlayer. User interaction is required in that a
> user must open a malicious .ra/.ram file or visit a malicious web
> site.
Full-Disclosure is hosted and sponsored by Secunia.