RealNetworks.RealPlayer.SWF.Flash.File.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in multiple RealNetworks products.
The vulnerability is in swfformat.dll and is caused by the library's inability to handle malformed Flash (SWF) files. Remote attackers may exploit this to execute arbitrary code.

affected-products-logoAffected Products

Helix Player 1.x
RealOne Player 1.x
RealOne Player 2.x
RealPlayer 10.x
RealPlayer 8
RealPlayer Enterprise 1.x
Rhapsody 3

Impact logoImpact

System compromise: a remote unauthenticated attacker can execute arbitrary code on a vulnerable system.

recomended-action-logoRecommended Actions

Apply the patches supplied in the RealNetwork Security Update for March 2006.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)