Re: ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability

[reepex <reepex () gmail com>]

user interaction on a random file format? haven't we been over this
types of bugs?

This pool of zdi bugs is almost more laughable then idefense's aix spam flood

On 10/31/07, zdi-disclosures () 3com com <zdi-disclosures () 3com com> wrote:
> This vulnerability allows remote attackers to execute code on vulnerable
> installations of RealPlayer.  User interaction is required in that a
> user must open a malicious .ra/.ram file or visit a malicious web
> site.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/