Release DateMay 05, 2009 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer overflow vulnerability in RainbowPlayer.The vulnerability is caused by an error when the vulnerable software handles a malicious .rpl file. It allows a remote attacker to execute arbitrary code via sending a crafted .rpl file. |
Affected ProductsRainbowPlayer 0.91 is vulnerable,other versions may also be affected. |
Recommended ActionsCurrently we are not aware of any vendor supplied patch for this issue. |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/34072 (BugTraq) |
