| VID |
28032 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Windows RealPlayer has a PNG deflate heap corruption vulnerability.
The vulnerability is related to the way RealPlayer handles PNG (Portable Network Graphics) image files. Specifically, the vulnerability occurs when RealPlayer attempts to decompress PNG image files. By creating a specifically corrupted PNG file, it is possible to cause heap corruption to occur, allowing an attacker to execute arbitrary code on a user's machine.
An attacker can exploit this vulnerability by tricking a user into viewing a maliciously constructed PNG image file. When the image file is rendered by the RealPlayer, it will trigger the heap corruption condition and overwrite critical areas in memory with attacker-supplied values.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://marc.theaimsgroup.com/?l=bugtraq&m=104887465427579&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html
http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10
http://www.kb.cert.org/vuls/id/705761
* Platforms Affected:
Real Networks RealOne Player 6.0.11.853 or prior
Real Networks RealOne Player 6.0.10.xxx
Real Networks RealOne Player 6.0.9.584 or prior
Microsoft Windows Any version |
| Recommendation |
Install the updates, available from the RealNetworks Security Update, 2003.3:
http://service.real.com/help/faq/security/securityupdate_march2003.html |
| Related URL |
CVE-2003-0141 (CVE) |
| Related URL |
7177 (SecurityFocus) |
| Related URL |
(ISS) |
|
