RealNetworks RealPlayer Heap Based BoF Vulnerability (Mac OS X) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to heap based buffer overflow vulnerability.

Impact

Successful exploitation allows remote attackers to to cause heap based buffer overflow leading to arbitrary code execution or denial of service condition. Impact Level: System/Application

Solution

Upgrade to RealPlayer version 12.0.1.1738 or later, For updates refer to http://www.real.com/player

Insight

Flaw due to improper sanitization of user-supplied input when parsing MP4 files.

Affected

RealPlayer version 12.0.0.1701 and prior on Mac OS X

References

http://cxsecurity.com/cveshow/CVE-2013-1750
http://service.real.com/realplayer/security/03152013_player/en
http://www.osvdb.org/91438
http://www.scip.ch/en/?vuldb.8026

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1750

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)
Adobe Air Code Execution and DoS Vulnerabilities (MAC OS X)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)

Take action and discover your vulnerabilities