This host is installed with RealPlayer which is prone to multiple vulnerabilities

Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. Impact Level: System/Application

Upgrade to RealPlayer version 14.0.6 or later, For updates refer to http://www.real.com/player

Multiple flaws are due to, - Unspecified errors in an ActiveX control in the browser plugin. - Improper handling of DEFINEFONT fields in SWF files which allows remote attackers to execute arbitrary code via a crafted file. - A buffer overflow error which allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file and crafted ID3v2 tags in an MP3 file. - An use-after-free error allows remote attackers to execute arbitrary code via vectors related to a dialog box and a modal dialog box.

RealPlayer versions 11.0 through 11.1 RealPlayer SP versions 1.0 through 1.1.5 (12.x) RealPlayer versions 14.0.0 through 14.0.5 RealPlayer Enterprise versions 2.0 through 2.1.5

• http://secunia.com/advisories/44014/
• http://secunia.com/advisories/45608/
• http://service.real.com/realplayer/security/08162011_player/en/

---

Updated on 2015-03-25