Fortinet Discovers RealPlayer MP4 File Parsing Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a buffer overflow vulnerability in RealNetworks RealPlayer.
RealPlayer is a cross-platform media player app, developed by RealNetworks. The media player is compatible with numerous container file formats of the multimedia realm, including MP3, MP4, QuickTime File Format, Windows Media format, and the proprietary RealAudio and RealVideo formats. RealPlayer is also available for other operating systems.
A buffer overflow vulnerability has been discovered in RealPlayer. The vulnerability can be triggered by a specifically crafted MP4 file with the "Sample Size" member of a 'stsz' structure having an overly long size value. Successful exploitation of this vulnerability could grant an attacker remote code execution.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Dec 11, 2016
Users should apply the solution provided by RealNetworks.
Fortinet reported the vulnerability to RealNetworks on Sep. 7.
RealNetworks confirmed the vulnerability on Oct. 10.
RealNetworks patched the vulnerability on Dec. 20.
This vulnerability was discovered by Chris Navarrete and Xiaopeng Zhang of Fortinet's FortiGuard Labs