Fortinet Discovers RealNetworks RealPlayer Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in RealNetworks RealPlayer.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released May 05, 2014
Users should upgrade to the latest version of RealPlayer.
The vulnerability can be triggered when opening a maliciously crafted mp4 file which contains a malformed "stsz" atom. It could allow an attacker to execute arbitrary code on the affected system.
Dehui Yin of Fortinet's FortiGuard Labs