Korean

<< Back VID 28283 Severity 40 Port 139,445 Protocol TCP Class SMB Detailed Description According to its build number, the installed version of RealPlayer on the remote Windows host has multiple buffer overflow vulnerabilities : - A RealPlayer malformed 'IVR' pointer index code execution vulnerability exists. (CVE-2010-2996) - A RealPlayerActiveX unauthorized file access vulnerability exists. (CVE-2010-3002) - A RealPlayer 'QCP' file parsing integer overflow vulnerability exists. (CVE-2010-0116) - A vulnerability exists in the way RealPlayer processes the dimensions in the 'YUV420' transformation of 'MP4' content. (CVE-2010-0117) - A heap-based buffer overflow vulnerability exists in RealPlayer's 'QCP' parsing. (CVE-2010-0120) - A vulnerability exists in the ActiveX IE plugin relating to the opening of multiple browser windows. (CVE-2010-3001) - Multiple integer overflow vulnerabilities exist in RealPlayer's 'FLV' parsing. (CVE-2010-3000) * Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://securitytracker.com/alerts/2004/Sep/1011449.html http://www.ciac.org/ciac/bulletins/o-223.shtml * Platforms Affected: RealPlayer 10.5 (6.0.12.1040) EN for Windows RealPlayer 10.5 Beta (6.0.12.1016) EN for Windows RealPlayer 10 All for Windows RealOne Player v1, v2 All for Windows RealPlayer 8 All for Windows RealPlayer Enterprise EN for Windows Mac RealPlayer 10 Beta EN Mac RealOne Player EN RealPlayer 10 EN for Linux Helix Player EN for Linux Microsoft Windows Any version Recommendation Upgrade to the latest version available from the RealNetworks Web site at http://www.service.real.com/help/faq/security/08262010_player/EN/ Related URL CVE-2010-0116,CVE-2010-0117,CVE-2010-0120,CVE-2010-2996,CVE-2010-3000,CVE-2010-3001,CVE-2010-3002 (CVE) Related URL 42775 (SecurityFocus) Related URL (ISS)