First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 107309
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Carsten Lohrke <carlo@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 107309 depends on: Show dependency tree
Bug 107309 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2005-09-26 11:48 0000 
There is a remotly exploitable format string vulnerability in the latest Helix
Media Player suit that will allow an attacker the possibility to execute
malicious code on a victims computer. The exploit code will execute a remote
shell under the permissions of the user running the media player, and effects
all versions of RealPlayer and Helix Player.

The bug is exploitable by abusing media, including .rp (relpix)and .rt
(realtext) file formats. Although others may be effected I stick to realpix file
format for this advisory.

http://www.open-security.org/advisories/13

------- Comment #1 From Thierry Carrez (RETIRED) 2005-09-26 11:57:38 0000 ------- 
"Real have been duely informed about this issue and are fixing."

------- Comment #2 From Thierry Carrez (RETIRED) 2005-09-28 00:54:36 0000 ------- 
Patch for Helix: in player/common/gtk/hxgerror.cpp:

This line:
err = g_error_new (HX_ERROR, code, message->str);

should become this:
err = g_error_new (HX_ERROR, code, "%s", message->str);

1.0.6 is coming up from Real, but you can start patching...

------- Comment #3 From Thierry Carrez (RETIRED) 2005-10-01 03:10:42 0000 ------- 
Please patch Helix, while we wait for a RealPlayer fix...

------- Comment #4 From Thierry Carrez (RETIRED) 2005-10-01 03:23:38 0000 ------- 
Linux RealPlayer 10.0.6 is out, bump also needed there.

CAN-2005-2710
http://service.real.com/help/faq/security/050930_player/EN/
http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities&flashstatus=true

------- Comment #5 From Thierry Carrez (RETIRED) 2005-10-04 06:34:40 0000 ------- 
realplayer 10.0.6 is up. x86/amd64 please test and mark stable accordingly.
Note: helixplayer still has to be bumped.

------- Comment #6 From Paul Varner 2005-10-04 09:16:00 0000 ------- 
realplayer 10.0.6 stable on x86

------- Comment #7 From Simon Stelling (RETIRED) 2005-10-07 05:11:30 0000 ------- 
realplayer stable on amd64, sorry for the delay

------- Comment #8 From Thierry Carrez (RETIRED) 2005-10-07 10:24:39 0000 ------- 
Thx everyone, this is GLSA 200510-07

------- Comment #9 From Paul Varner 2005-11-21 10:32:48 0000 ------- 
It doesn't appear to me that helixplayer ever got bumped to address the
vulnerability.

------- Comment #10 From Sune Kloppenborg Jeppesen 2005-11-21 10:57:04 0000 ------- 
You're right Paul:-/ 
 
media-video please provide an updated ebuild.

------- Comment #11 From Diego E. 'Flameeyes' Pettenò 2005-11-21 11:17:04 0000 ------- 
Server down, helixplayer masked, pending removal as it seems more a problem 
than anything else.

------- Comment #12 From Sune Kloppenborg Jeppesen 2005-11-22 13:22:00 0000 ------- 
GLSA 200510-07 updated.

------- Comment #13 From Christie Harris 2006-01-12 19:25:01 0000 ------- 
(In reply to comment #11)
> Server down, helixplayer masked, pending removal as it seems more a problem 
> than anything else. 
>  
The server appears to be up. Any chance of getting helixplayer re-added to
portage? It appears the 1.0.6 release has been out since september.

https://helixcommunity.org/download.php/1585/hxplay-1.0.6-source.tar.bz2

------- Comment #14 From Sune Kloppenborg Jeppesen 2006-03-22 12:26:33 0000 ------- 
media-video any news on this one?

------- Comment #15 From Diego E. 'Flameeyes' Pettenò 2006-03-22 12:40:06 0000 ------- 
Realplayer should be updated, helixplayer is removed iirc.

------- Comment #16 From Sune Kloppenborg Jeppesen 2006-03-23 22:08:01 0000 ------- 
helixplayer is removed. Resetting severity rating to reflect Realplayer.

Thx everyone.
First Last Prev Next    No search results available      Search page      Enter new bug