| VID |
23162 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A build version of Rhapsody which is older than version 3 build 1.0.270 has been installed on the host. Rhapsody is a music service and media player from RealNetworks for Microsoft Windows platforms. Rhapsody build versions prior to version 3 build 1.0.270 are vulnerable to a buffer overflow vulnerability, caused by improper bounds checking of Shockwave Flash (SWF) files. A remote attacker can create a specially-crafted SWF file that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target user's system.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://service.real.com/realplayer/security/03162006_player/en/
http://www.frsirt.com/english/advisories/2006/1057
http://secunia.com/advisories/19358/
http://securitytracker.com/alerts/2006/Mar/1015806.html
* Platforms Affected:
Rhapsody 3 (build versions prior to build 1.0.270)
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Rhapsody (3 build 1.0.270 or later), available from the RealNetwork's Customer Support Release Update dated March 16, 2006 at http://service.real.com/realplayer/security/03162006_player/en/ |
| Related URL |
CVE-2006-0323 (CVE) |
| Related URL |
17202 (SecurityFocus) |
| Related URL |
25408 (ISS) |
|
