| VID |
23132 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A Rhapsody build older than version 3 build 0.1141 was detected on the host. Rhapsody is a music service and media player from RealNetworks for Microsoft Windows platforms. Rhapsody builds prior to version 3 build 0.1141 are vulnerable to a heap overflow in the RealText file format parser. A remote attacker can create a RealMedia file containing specially crafted RealText that, when loaded by the target user, will trigger a heap overflow and execute arbitrary code on the target user's system.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References:
  * http://service.real.com/help/faq/security/security062305.html
  * http://service.real.com/help/faq/security/050623_player/EN/
  * http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities
  * http://www.securityfocus.com/archive/1/403535/30/0/threaded
* Platforms Affected:
  * Rhapsody 3 (build versions prior to build 0.1141)
  * Microsoft Windows, any version |
| Recommendation |
Apply the update for this vulnerability, available from the RealNetworks Customer Support Release Update dated June 23, 2005, at http://service.real.com/help/faq/security/050623_player/EN/ |
| Related URL |
CVE-2005-1277 (CVE) |
| Related URL |
14048 (SecurityFocus) |
| Related URL |
21144 (ISS) |
|