Secunia Advisory: SA27620
Release Date: 2008-07-25
Last Update: 2008-07-28
Critical: Highly critical
Impact: Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch
Software:
RealPlayer 10.x
RealPlayer 11.x
RealPlayer Enterprise 1.x
CVE reference:
CVE-2007-5400 (Secunia mirror)
CVE-2008-1309 (Secunia mirror)
CVE-2008-3064 (Secunia mirror)
CVE-2008-3066 (Secunia mirror)
Description:
Some vulnerabilities have been reported in RealPlayer, which potentially can be exploited by malicious people to disclose certain information or compromise a user's system.
1) An error in the rmoc3260 ActiveX control when handling the "Controls", "Console", or "WindowName" properties with a specific timing can be exploited to cause a memory corruption.
This is reportedly similar to:
SA29315
2) An unspecified error can be exploited to reference local resources.
3) A design error within the handling of frames in Shockwave Flash (SWF) files can be exploited to cause a heap-based buffer overflow.
4) A boundary error in rjbdll.dll can be exploited to cause a stack-based buffer overflow by importing a media library file using an ActiveX control and deleting the imported file.
Successful exploitation of the vulnerabilities allow execution of arbitrary code.
The following products are affected by one or all vulnerabilities (see vendor's advisory for details):
* RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802)
* RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741)
* RealPlayer 10
* RealPlayer Enterprise
* Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503)
* Mac RealPlayer 10 (10.0.0.305 - 352)
* Linux RealPlayer 10
Solution:
Update to the latest versions. Please see the vendor's advisory for details.
http://service.real.com/realplayer/security/07252008_player/en/
Bollettino Sicurezza
Info in italiano
Release Date: 2008-07-25
Last Update: 2008-07-28
Critical: Highly critical
Impact: Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch
Software:
RealPlayer 10.x
RealPlayer 11.x
RealPlayer Enterprise 1.x
CVE reference:
CVE-2007-5400 (Secunia mirror)
CVE-2008-1309 (Secunia mirror)
CVE-2008-3064 (Secunia mirror)
CVE-2008-3066 (Secunia mirror)
Description:
Some vulnerabilities have been reported in RealPlayer, which potentially can be exploited by malicious people to disclose certain information or compromise a user's system.
1) An error in the rmoc3260 ActiveX control when handling the "Controls", "Console", or "WindowName" properties with a specific timing can be exploited to cause a memory corruption.
This is reportedly similar to:
SA29315
2) An unspecified error can be exploited to reference local resources.
3) A design error within the handling of frames in Shockwave Flash (SWF) files can be exploited to cause a heap-based buffer overflow.
4) A boundary error in rjbdll.dll can be exploited to cause a stack-based buffer overflow by importing a media library file using an ActiveX control and deleting the imported file.
Successful exploitation of the vulnerabilities allow execution of arbitrary code.
The following products are affected by one or all vulnerabilities (see vendor's advisory for details):
* RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802)
* RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741)
* RealPlayer 10
* RealPlayer Enterprise
* Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503)
* Mac RealPlayer 10 (10.0.0.305 - 352)
* Linux RealPlayer 10
Solution:
Update to the latest versions. Please see the vendor's advisory for details.
http://service.real.com/realplayer/security/07252008_player/en/
Bollettino Sicurezza
Info in italiano
