Summary
The host is installed with RealPlayer and is prone to memory corruption vulnerability.
Impact
Successful exploitation will allow remote attackers to corrupt memory, causing a denial of service or potentially allowing the execution of arbitrary code.
Impact Level: System/Application
Solution
No solution or patch is available as of 20th February, 2015. Information regarding this issue will updated once the solution details are available.
For updates refer to http://www.real.com
Insight
Flaw is due to input not being properly sanitized when handling a specially crafted 3GP file.
Affected
RealNetworks RealPlayer version 16.0.3.51 and before on Windows.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-3444 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)