This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated HelixPlayer package that fixes a buffer overflow issue is
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
HelixPlayer is a media player.
A buffer overflow bug was found in the way HelixPlayer processes SMIL
files. An attacker could create a specially crafted SMIL file, which
when combined with a malicious web server, could execute arbitrary
code when opened by a user. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2005-1766 to this
All users of HelixPlayer are advised to upgrade to this updated
package, which contains HelixPlayer version 10.0.5 and is not
vulnerable to this issue.
See also :
Update the affected HelixPlayer package.
Risk factor :
Medium / CVSS Base Score : 5.1
Family: Red Hat Local Security Checks
Nessus Plugin ID: 18555 ()
CVE ID: CVE-2005-1766