RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Mac OS X) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to multiple vulnerabilities.

Impact

Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. Impact Level: Application

Solution

Upgrade to RealPlayer version 12.0.0.1703 or later, For updates refer to http://www.real.com/player

Insight

Multiple flaws are due to, - Unspecified errors in RV20, RV10, RV30, ATRC and AAC codec, allows attackers to execute arbitrary code via unspecified vectors. - An unspecified error related to RealVideo rendering can be exploited to corrupt memory.

Affected

RealPlayer version prior to 12.0.0.1703 on Mac OS X

References

http://secunia.com/advisories/46963/
http://service.real.com/realplayer/security/11182011_player/en/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4245, CVE-2011-4246, CVE-2011-4250, CVE-2011-4252, CVE-2011-4253, CVE-2011-4255, CVE-2011-4256
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Mac OS X)
Adobe Air Code Execution and DoS Vulnerabilities (Windows)

Take action and discover your vulnerabilities