RealNetworks RealPlayer Heap Based BoF Vulnerability (Mac OS X) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to heap based buffer overflow vulnerability.

Impact

Successful exploitation allows remote attackers to to cause heap based buffer overflow leading to arbitrary code execution or denial of service condition. Impact Level: System/Application

Solution

Upgrade to RealPlayer version 12.0.1.1738 or later, For updates refer to http://www.real.com/player

Insight

Flaw due to improper sanitization of user-supplied input when parsing MP4 files.

Affected

RealPlayer version 12.0.0.1701 and prior on Mac OS X

References

http://cxsecurity.com/cveshow/CVE-2013-1750
http://service.real.com/realplayer/security/03152013_player/en
http://www.osvdb.org/91438
http://www.scip.ch/en/?vuldb.8026

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1750

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)

Take action and discover your vulnerabilities