| VID |
28122 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of RealOne/RealPlayer which is older or as old as than version 6.0.12.1235 is detected as installed on the host. RealOne / RealPlayer is one of the most widely used products for internet media delivery for Microsoft Windows platforms and most Linux and Unix-based operating systems. RealPlayer versions 8, 10, 10.5, and Enterprise 1.x, RealOne Player versions 1 and 2, and Helix Player 1.x are vulnerable to multiple buffer overflow vulnerabilities. By sending a malicious .rm or .rjs file and persuading the user to open the file, the attacker could overflow a buffer and execute arbitrary code on the system with the permissions of the user running the affected application.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.eeye.com/html/research/advisories/AD20051110a.html
http://www.eeye.com/html/research/advisories/AD20051110b.html
http://www.securityfocus.com/archive/1/416475
* Platforms Affected:
RealNetworks, Inc., Helix Player 1.x
RealNetworks, Inc., RealOne Player 1.0, 2.0
RealNetworks, Inc., RealOne Player for Mac Any version
RealNetworks, Inc., RealPlayer 10
RealNetworks, Inc., RealPlayer 10.5 (6.0.x versions 6.0.12.1235 and earlier)
RealNetworks, Inc., RealPlayer 8.0
RealNetworks, Inc., RealPlayer Enterprise 1.x
Microsoft Windows Any version
Linux Any version
Apple Mac OS Any version |
| Recommendation |
For RealOne and RealPlayer:
Apply the update for this vulnerability, available from the RealNetwork's Customer Support Release Update dated November 10, 2005 at http://service.real.com/help/faq/security/051110_player/EN/
For RealPlayer Enterprise:
Apply the patch for this vulnerability, available from the RealNetwork's Security Patch Update dated November 10, 2005 at http://service.real.com/help/faq/security/security111005.html
For Helix Player:
Apply the update for this vulnerability, available from the Helix Player Community Download Web page at https://player.helixcommunity.org/2005/downloads/
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2005-2629,CVE-2005-2630 (CVE) |
| Related URL |
15381,15382,15383,15398 (SecurityFocus) |
| Related URL |
23024,23025 (ISS) |
|
