RealPlayer and RealOne Player Multiple Buffer Overflow Vulnerabilities
Via FrSIRT. Technical Description
Advisory ID : FrSIRT/ADV-2005-2385
CVE ID : CVE-2005-2629 - CVE-2005-2630
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-11-10
Multiple vulnerabilities were identified in RealPlayer and RealOne Player, which could be exploited by remote attackers to execute arbitrary commands.
The first issue is due to a stack overflow error when processing a malformed data packet contained in a Real Media file, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious Web page hosting a specially crafted ".rm" file.
The second vulnerability is due to a heap overflow error in the "DUNZIP32.DLL" library that does not properly handle a malformed RealPlayer skin file, which could be exploited by attackers to execute arbitrary commands by tricking a user into visiting a malicious Web page hosting a specially crafted ".rjs" file.
The third flaw is due to an unspecified stack overflow error when processing malicious skin files, which could be exploited by remote attackers to compromise a vulnerable system.
RealPlayer 10.5 (6.0.12.1040-1235)
RealPlayer 10
RealOne Player v2
RealOne Player v1
RealPlayer 8
RealPlayer Enterprise 1.1
RealPlayer Enterprise 1.2
RealPlayer Enterprise 1.5
RealPlayer Enterprise 1.6
RealPlayer Enterprise 1.7
Mac RealPlayer 10 (10.0.0.305 - 331)
Linux RealPlayer 10 (10.0.0 - 5)
Helix Player (10.0.0 - 5)
RealPlayer 10.5 (Windows) patch :
http://service.real.com/help/faq/security/051110_player/EN/win32patch.rnx
RealPlayer 8, RealOne Player (English), RealOne Player V2, and RealPlayer 10 (Windows) patch :
http://service.real.com/help/faq/security/051110_player/EN/player.rnx
RealPlayer Enterprise update :
http://docs.real.com/docs/entinst.exe
RealPlayer 10 (Mac OS X) update :
http://www.real.com/upgrade/mac_upgrade.html
RealPlayer 10 (Linux) update :
http://www.real.com/linux
Helix Player (Linux) update :
http://player.helixcommunity.org/downloads/
http://www.frsirt.com/english/advisories/2005/2385
http://service.real.com/help/faq/security/security111005.html
http://service.real.com/help/faq/security/051110_player/EN/
http://www.frsirt.com/english/reference/589
http://www.frsirt.com/english/reference/588
0 Comments:
Post a Comment
<< Home