RealNetworks.RealPlayer.ParseWallClockValue.Buffer.Overflow
Description
RealPlayer and HelixPlayer have a stack based buffer overflow vulnerability. A remote attacker could execute arbitrary code on a vulnerable system, with the privileges of the victim, via an SMIL (SMIL2) file with a long wallclock value.
Affected Products
RealNetworks RealPlayer versions 10.x
Helix Player versions 1.x
Impact
System compromise, remote code execution.
Recommended Actions
Upgrade to the latest version, available from the web site.
http://www.real.com/realplayer.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |