SUSE-SA:2005:014: RealPlayer

Medium Nessus Plugin ID 17300


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:014 (RealPlayer).

Two security problems were found in the media player RealPlayer:

- CVE-2005-0455: A buffer overflow in the handling of .smil files.
- CVE-2005-0611: A buffer overflow in the handling of .wav files.

Both buffer overflows can be exploited remotely by providing URLs opened by RealPlayer.

More informations can be found on this URL:

This updates fixes the problems.


Plugin Details

Severity: Medium

ID: 17300

File Name: suse_SA_2005_014.nasl

Version: $Revision: 1.9 $

Agent: unix

Published: 2005/03/09

Modified: 2013/11/27

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Metasploit (RealNetworks RealPlayer SMIL Buffer Overflow)

Reference Information

CVE: CVE-2005-0455, CVE-2005-0611