Summary
This host is installed with RealPlayer which is prone to multiple vulnerabilities.
Impact
Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service.
Solution
Upgrade to RealPlayer 14.0.1.609 (Build 12.0.1.609) or later, For updates refer to http://www.real.com/player
Insight
The multiple flaws are due to,
- Heap-based buffer overflow error allows remote attackers to execute arbitrary code via malformed multi-rate data in an audio stream.
- An array index error allows remote attackers to execute arbitrary code via a malformed Media Properties Header in a RealMedia file.
Affected
RealNetworks RealPlayer SP 11.0 to 11.1 on Windows platform.
References
Severity
Classification
-
CVE CVE-2010-4375, CVE-2010-4384 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)