virus logo Intrusion Prevention

RealNetworks.Products.Remote.Buffer.Overflow

description-logoDescription

This indicates an attack attempt to exploit a buffer-overflow vulnerability in RealNetworks Products.
The vulnerability is caused by an error that occurs when the vulnerable
software handles malformed MP3, RM, SMIL, SWF, RAM and PLS files. A remote attacker may exploit this to execute arbitrary code via a crafted media file.

affected-products-logoAffected Products

Real Networks RealPlayer Enterprise
Real Networks RealPlayer 8
Real Networks RealPlayer 10 for Mac OS 10.0 481
Real Networks RealPlayer 10 for Mac OS 10.0 412
Real Networks RealPlayer 10 for Mac OS 10.0 396
Real Networks RealPlayer 10 for Mac OS 10.0 352
Real Networks RealPlayer 10 for Mac OS 10.0.0.331
Real Networks RealPlayer 10 for Mac OS 10.0.0.325
Real Networks RealPlayer 10 for Mac OS 10.0.0.305
Real Networks RealPlayer 10 for Linux 10.0.8
Real Networks RealPlayer 10 for Linux 10.0.7
Real Networks RealPlayer 10 for Linux 10.0.6
Real Networks RealPlayer 10 for Linux 10.0.5
Real Networks RealPlayer 10.5
Real Networks RealPlayer 10.0
+ S.u.S.E. cvsup-16.1h-43.i586.rpm
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2
Real Networks RealOne Player for Mac 0
Real Networks RealOne Player 2.0
Real Networks RealOne Player 1.0
Real Networks Helix Player for Linux 10.0.7
Real Networks Helix Player for Linux 10.0.6
Real Networks Helix Player for Linux 10.0.5
Real Networks Helix Player for Linux 10.0 8

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch, available from the following web site:
http://service.real.com/realplayer/security/10252007_player/en/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 15123
Created Nov 13, 2007
Updated Nov 09, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2007-4599 CVE-2007-2264 CVE-2007-2263 CVE-2007-5081 CVE-2007-5080
Exploit Prediction Score 96.06%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Real