Intrusion Prevention

RealNetworks.RealPlayer.ASMRulebook.Code.Execution

Description

This indicates an attack attempt against a remote code-execution vulnerability in RealPlayer.
The vulnerability is caused by an error when the vulnerable software handles
malicious "ASMRuleBook" structures. It allows a remote attacker to execute
arbitrary code via sending a video file.

Affected Products

RealNetworks RealPlayer

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version.

CVE References

CVE-2009-4241