RealNetworks.RealPlayer.IVR.Handling.Heap.Buffer.Overflow
Description
This indicates an attack attempt against a heap-based buffer overflow vulnerability in RealNetworks RealPlayer.
The application uses a 32-bit value in an IVR file as the size of the buffer that should be allocated. The vulnerability is caused by insufficient input validation when parsing the file. It may allow attackers to execute arbitrary code.
Affected Products
Real Networks RealPlayer 14.0.1.633
Real Networks RealPlayer 14.0.1.609
Real Networks RealPlayer 14.0.1
Real Networks RealPlayer 14.0.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |