Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Realone_desktop_manager | Realnetworks | * | * |
| Realone_enterprise_desktop | Realnetworks | 6.0.11.774 (including) | 6.0.11.774 (including) |
| Realone_player | Realnetworks | 1.0 (including) | 1.0 (including) |
| Realone_player | Realnetworks | 2.0 (including) | 2.0 (including) |
| Realone_player | Realnetworks | 6.0.11.818 (including) | 6.0.11.818 (including) |
| Realone_player | Realnetworks | 6.0.11.830 (including) | 6.0.11.830 (including) |
| Realone_player | Realnetworks | 6.0.11.841 (including) | 6.0.11.841 (including) |
| Realone_player | Realnetworks | 6.0.11.853 (including) | 6.0.11.853 (including) |
| Realone_player | Realnetworks | 6.0.11.868 (including) | 6.0.11.868 (including) |
| Realplayer | Realnetworks | 8.0 (including) | 8.0 (including) |
| Realplayer | Realnetworks | 10.0_beta (including) | 10.0_beta (including) |
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html
- http://marc.info/?l=bugtraq\u0026m=107608748813559\u0026w=2
- http://www.ciac.org/ciac/bulletins/o-075.shtml
- http://www.kb.cert.org/vuls/id/473814
- http://www.nextgenss.com/advisories/realone.txt
- http://www.securityfocus.com/bid/9579
- http://www.service.real.com/help/faq/security/040123_player/EN/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15040
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html
- http://marc.info/?l=bugtraq\u0026m=107608748813559\u0026w=2
- http://www.ciac.org/ciac/bulletins/o-075.shtml
- http://www.kb.cert.org/vuls/id/473814
- http://www.nextgenss.com/advisories/realone.txt
- http://www.securityfocus.com/bid/9579
- http://www.service.real.com/help/faq/security/040123_player/EN/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15040