| VID |
28229 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of RealPlayer which is older than version 6.0.12.1675 / 6.0.14.806 has been installed on the host. RealOne / RealPlayer is one of the most widely used products for internet media delivery for Microsoft Windows platforms and most Linux and Unix-based operating systems. RealNetworks RealPlayer / RealOne Player / RealPlayer Enterprise are vulnerable to multiple buffer overflow vulnerabilities. By sending a specially-crafted media file (eg, '.mp3', '.rm', '.SMIL', '.swf', '.ram', or '.pls') and persuading the user to open the file, the attacker could overflow a buffer and execute arbitrary code on the system with the permissions of the user running the affected application.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://service.real.com/realplayer/security/07252008_player/en/
http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0157.html
http://secunia.com/secunia_research/2007-93/advisory/
http://www.zerodayinitiative.com/advisories/ZDI-08-046
http://www.securityfocus.com/archive/1/494778/30/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-08-047
http://www.securityfocus.com/archive/1/494779/30/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0540.html
http://www.frsirt.com/english/advisories/2008/2194
http://secunia.com/advisories/27620/
http://secunia.com/advisories/29315/
* Platforms Affected:
RealNetworks, RealOne Player v1, v2
RealNetworks, RealPlayer 10.0
RealNetworks, RealPlayer 8
RealNetworks, RealPlayer 11 (11.0.x prior to 11.0.3 build 6.0.14.806)
RealNetworks, RealPlayer 10.5 (6.0.x prior to build 6.0.12.1675)
RealNetworks, RealPlayer Enterprise Any version
Microsoft Windows Any version
Linux Any version
Apple Mac OS Any version |
| Recommendation |
For RealPlayer:
Upgrade to the latest version of RealPlayer (11.0.3, build 6.0.14.806) / 10.5, build 6.0.12.1675 or later), available from the RealNetwork Web site at http://www.real.com/realplayer.html
For Helix Player:
Apply the update for this vulnerability, available from the Helix Player Community Download Web page at https://player.helixcommunity.org/downloads/
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2007-5400,CVE-2008-1309,CVE-2008-3064,CVE-2008-3066 (CVE) |
| Related URL |
28157,30370,30376,30378,30379 (SecurityFocus) |
| Related URL |
41087,43996,44013,44014 (ISS) |
|
