RealNetworks.RealPlayer.RA.Header.Heap.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in several RealNetworks products.
The vulnerability is due to boundary errors that occur when processing RealAudio files. A remote attacker can exploit this by enticing a user to open a crafted RA file.
Affected Products
RealNetworks, RealPlayer, 10.0, Unknown, Windows
RealNetworks, RealPlayer, 10.0, 10.0.0.352, Mac
RealNetworks, RealPlayer, 10.0, 10.0.0.305, Mac
RealNetworks, RealPlayer, 10.0, 10.0.0.331, Mac
RealNetworks, RealPlayer, 10.0, 10.0.9, Linux
RealNetworks, RealPlayer, 10.0, 10.0.8, Linux
RealNetworks, RealPlayer, 10.0, 10.0.7, Linux
RealNetworks, RealPlayer, 10.0, 10.0.6, Linux
RealNetworks, RealPlayer, 10.0, 10.0.5, Linux
RealNetworks, RealPlayer, 10.5, 6.0.12.1040, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1578, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1698, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1741, Windows
RealNetworks, RealOne Player, 2.0, Unknown, Windows
RealNetworks, RealOne Player, Unknown, Unknown, Mac, En
RealNetworks, RealPlayer Enterprise, Unknown, Unknown, Windows, En
RealNetworks, RealPlayer, 8.0
RealNetworks, RealOne Player, 1.0, Unknown, Windows, En
RealNetworks, RealPlayer, 10.1, 10.0.0. 481, Mac
RealNetworks, RealPlayer, 10.1, 10.0.0.396, Mac
RealNetworks, RealPlayer, 10.1, 10.0.0.412, Mac
Impact
System Compromise: remote code execution.
Recommended Actions
Refer to the RealNetworks Customer Support - Real Security Updates web page for upgrade information:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |