Korean

<< Back VID 28198 Severity 40 Port 139,445 Protocol TCP Class SMB Detailed Description A version of RealPlayer/HelixPlayer which is older than version 6.0.12.1578 has been installed on the host. RealOne / RealPlayer is one of the most widely used products for internet media delivery for Microsoft Windows platforms and most Linux and Unix-based operating systems. RealNetworks RealPlayer and HelixPlayer 10.5-GOLD are vulnerable to a stack-based buffer overflow vulnerability in the wallclock functionality (SmilTimeValue::parseWallClockValue function). By sending a malicious SMIL file containing an overly long time string and persuading the user to open the file, the attacker could overflow a buffer and execute arbitrary code on the system with the permissions of the user running the affected application. * Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 http://www.securityfocus.com/archive/1/472295/30/0/threaded http://secunia.com/advisories/25819/ * Platforms Affected: RealNetworks, Inc., Helix Player 10.5 - GOLD and earlier RealNetworks, Inc., RealPlayer 10.5 - GOLD and earlier RealNetworks, Inc., RealPlayer 10.5 (6.0.x prior to 6.0.12.1578) Microsoft Windows Any version Linux Any version Apple Mac OS Any version Recommendation For RealPlayer: Upgrade to the latest version of RealPlayer, available from the RealNetwork Web site at http://www.real.com/realplayer.html For Helix Player: Apply the update for this vulnerability, available from the Helix Player Community Download Web page at https://player.helixcommunity.org/downloads/ For other distributions: Contact your vendor for upgrade or patch information. Related URL CVE-2007-3410 (CVE) Related URL 24658 (SecurityFocus) Related URL 35088 (ISS)