Intrusion Prevention

RealNetworks.RealPlayer.IVR.File.Processing.Code.Execution

Description

This indicates an attack attempt to exploit a remote code execution vulnerability in RealNetworks RealPlayer.
The vulnerability is caused by an error when the vulnerable software handles a crafted .ivr file. It allows a remote attacker to execute arbitrary code via sending a crafted .ivr file.

Affected Products

Realplayer 11.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to non-vulnerable version.

CVE References

CVE-2009-0375 CVE-2009-0376