RealNetworks.RealPlayer.ActiveX.CDDA.URI.Code.Execution
Description
This indicates an attack attempt against a code-execution vulnerability in RealNetworks RealPlayer ActiveX control.
The vulnerability is due to an error when the vulnerable software accesses uninitialized memory during processing of CDDA URIs. An attacker can leverage this vulnerability to execute arbitrary code by enticing a target user to open a crafted web file.
Affected Products
Real Networks RealPlayer SP 1.1.4
Real Networks RealPlayer SP 1.0.5
Real Networks RealPlayer SP 1.0.2
Real Networks RealPlayer SP 1.0.1
Real Networks RealPlayer SP 1.0
Real Networks RealPlayer SP 1.1.3
Real Networks RealPlayer SP 1.1.2
Real Networks RealPlayer SP 1.1.1
Real Networks RealPlayer SP 1.1
Real Networks RealPlayer Enterprise 2.1.2
Real Networks RealPlayer Enterprise 1.7
Real Networks RealPlayer Enterprise 1.6
Real Networks RealPlayer Enterprise 1.5
Real Networks RealPlayer Enterprise 1.2
Real Networks RealPlayer Enterprise 1.1
Real Networks RealPlayer 11 Beta 6.0.14 .550
Real Networks RealPlayer 11.0.5
Real Networks RealPlayer 11.0.4
Real Networks RealPlayer 11.0.3
Real Networks RealPlayer 11.0.2
Real Networks RealPlayer 11.0.1
Real Networks RealPlayer 11.1
Real Networks RealPlayer 11 Beta
Real Networks RealPlayer 11
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest versions:
http://www.realnetworks.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |