RealNetworks.RealPlayer.SWF.Flash.File.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in multiple RealNetworks products.
The vulnerability is in swfformat.dll and is caused by the library's inability to handle malformed Flash (SWF) files. Remote attackers may exploit this to execute arbitrary code.
Affected Products
Helix Player 1.x
RealOne Player 1.x
RealOne Player 2.x
RealPlayer 10.x
RealPlayer 8
RealPlayer Enterprise 1.x
Rhapsody 3
Impact
System compromise: a remote unauthenticated attacker can execute arbitrary code on a vulnerable system.
Recommended Actions
Apply the patches supplied in the RealNetwork Security Update for March 2006.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |