RealNetworks RealPlayer IVR File Processing Buffer Overflow Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to Buffer Overflow vulnerability.

Impact

Successful exploitation allows remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.

Solution

Upgrade to version 14.0.3 or later, For updates refer to http://www.real.com/player

Insight

The flaws are due to improper bounds checking by the 'rvrender.dll' when processing Internet Video Recording (IVR) files.

Affected

RealPlayer versions 14.0.2.633 and prior

References

http://secunia.com/advisories/43847
http://www.securitytracker.com/id?1025245
http://xforce.iss.net/xforce/xfdb/66209

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1525
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Cogent DataHub Unicode Buffer Overflow Vulnerability
Adobe Flash Player Buffer Overflow Vulnerability (Linux)
ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
BSPlayer Stack Overflow Vulnerability SRT
ALLMediaServer Request Handling Buffer Overflow Vulnerability

Take action and discover your vulnerabilities