RealNetworks.RealPlayer.ActiveX.CDDA.URI.Code.Execution

description-logoDescription

This indicates an attack attempt against a code-execution vulnerability in RealNetworks RealPlayer ActiveX control.
The vulnerability is due to an error when the vulnerable software accesses uninitialized memory during processing of CDDA URIs. An attacker can leverage this vulnerability to execute arbitrary code by enticing a target user to open a crafted web file.

affected-products-logoAffected Products

Real Networks RealPlayer SP 1.1.4
Real Networks RealPlayer SP 1.0.5
Real Networks RealPlayer SP 1.0.2
Real Networks RealPlayer SP 1.0.1
Real Networks RealPlayer SP 1.0
Real Networks RealPlayer SP 1.1.3
Real Networks RealPlayer SP 1.1.2
Real Networks RealPlayer SP 1.1.1
Real Networks RealPlayer SP 1.1
Real Networks RealPlayer Enterprise 2.1.2
Real Networks RealPlayer Enterprise 1.7
Real Networks RealPlayer Enterprise 1.6
Real Networks RealPlayer Enterprise 1.5
Real Networks RealPlayer Enterprise 1.2
Real Networks RealPlayer Enterprise 1.1
Real Networks RealPlayer 11 Beta 6.0.14 .550
Real Networks RealPlayer 11.0.5
Real Networks RealPlayer 11.0.4
Real Networks RealPlayer 11.0.3
Real Networks RealPlayer 11.0.2
Real Networks RealPlayer 11.0.1
Real Networks RealPlayer 11.1
Real Networks RealPlayer 11 Beta
Real Networks RealPlayer 11

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest versions:
http://www.realnetworks.com/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)