| VID |
28138 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of RealOne/RealPlayer which is older than version 6.0.12.1483 has been installed on the host. RealOne / RealPlayer is one of the most widely used products for internet media delivery for Microsoft Windows platforms and most Linux and Unix-based operating systems. RealPlayer versions 8, 10, 10.5, and Enterprise 1.x, RealOne Player versions 1 and 2, and Helix Player 10.0.x are vulnerable to multiple buffer overflow vulnerabilities. By sending a malicious SWF or MBC file and persuading the user to open the file, the attacker could overflow a buffer and execute arbitrary code on the system with the permissions of the user running the affected application.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://service.real.com/realplayer/security/03162006_player/en/
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=340
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=404
http://www.frsirt.com/english/advisories/2006/1057
http://xforce.iss.net/xforce/alerts/id/218
http://secunia.com/advisories/19358/
http://securitytracker.com/alerts/2006/Mar/1015806.html
http://securitytracker.com/alerts/2006/Mar/1015808.html
http://securitytracker.com/alerts/2006/Mar/1015810.html
* Platforms Affected:
RealNetworks, Inc., Helix Player 10.0.0 - 10.0.5
RealNetworks, Inc., RealOne Player 1.0, 2.0
RealNetworks, Inc., RealOne Player for Mac Any version
RealNetworks, Inc., RealPlayer 10
RealNetworks, Inc., RealPlayer 10.5 (6.0.x prior to 6.0.12.1483)
RealNetworks, Inc., RealPlayer 8.0
RealNetworks, Inc., RealPlayer Enterprise 1.x
Microsoft Windows Any version
Linux Any version
Apple Mac OS Any version |
| Recommendation |
For RealOne and RealPlayer:
Apply the update for this vulnerability, available from the RealNetwork's Customer Support Release Update dated March 16, 2006 at http://www.service.real.com/realplayer/security/03162006_player/en/
For RealPlayer Enterprise:
Apply the patch for this vulnerability, available from the RealNetwork's Security Patch Update dated March 16, 2006 at http://www.service.real.com/realplayer/security/security/enterprise_031606.html
For Helix Player:
Apply the update for this vulnerability, available from the Helix Player Community Download Web page at https://player.helixcommunity.org/downloads/
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2005-2922,CVE-2005-2936,CVE-2006-0323,CVE-2006-1370 (CVE) |
| Related URL |
17202 (SecurityFocus) |
| Related URL |
23094,25408,25409,25411 (ISS) |
|
