| VID |
28113 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of RealOne/RealPlayer older than 6.0.12.1212 was detected on the host. RealOne / RealPlayer is one of the most widely used products for internet media delivery for Microsoft Windows platforms and most Linux and Unix-based operating systems. RealPlayer versions 8, 10, 10.5, and Enterprise 1.x, RealOne Player versions 1 and 2, and Helix Player 1.x are affected by the following vulnerabilities:
- A remote attacker can create a specially crafted MP3 or RAM file that, when loaded by the target user, will overwrite local files or invoke an ActiveX control on the target user's system.
- A remote attacker can create a RealMedia file containing specially crafted RealText that, when loaded by the target user, will trigger a heap overflow and execute arbitrary code on the target user's system.
- A remote attacker can create a specially crafted AVI file to trigger a buffer overflow and execute arbitrary code on the target user's system.
- Using default settings of earlier Internet Explorer browsers, a remote attacker can create HTML that, when loaded by the target user, will create an HTML file on the target user's system and then invoke a RM file to reference the local HTML file.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* References:
  - http://service.real.com/help/faq/security/security062305.html
  - http://service.real.com/help/faq/security/050623_player/EN/
  - http://www.idefense.com/application/poi/display?id=250&type=vulnerabilities
  - http://www.securityfocus.com/archive/1/403535/30/0/threaded
* Platforms Affected:
  - RealNetworks, Inc., Helix Player 1.x
  - RealNetworks, Inc., RealOne Player 1.0, 2.0
  - RealNetworks, Inc., RealOne Player for Mac Any version
  - RealNetworks, Inc., RealPlayer 10
  - RealNetworks, Inc., RealPlayer 10.5 (6.0.x prior to 6.0.12.1212)
  - RealNetworks, Inc., RealPlayer 8.0
  - RealNetworks, Inc., RealPlayer Enterprise 1.x
  - Microsoft Windows Any version
  - Linux Any version
  - Apple Mac OS Any version |
| Recommendation |
For RealOne and RealPlayer: Apply the update for this vulnerability, available from the RealNetworks Customer Support Release Update dated June 23, 2005 at http://service.real.com/help/faq/security/050623_player/EN/
For RealPlayer Enterprise: Apply the patch for this vulnerability, available from the RealNetworks Security Patch Update dated June 23, 2005 at http://service.real.com/help/faq/security/security062305.html
For Helix Player: Apply the update for this vulnerability, available from the Helix Player Community Download Web page at https://player.helixcommunity.org/2005/downloads/
For other distributions: Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2005-1766,CVE-2005-2052 (CVE) |
| Related URL |
14048,14073 (SecurityFocus) |
| Related URL |
21110,21129,21131,21132 (ISS) |
|