RealNetworks RealPlayer Heap Based BoF Vulnerability (Win) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to heap based buffer overflow vulnerability.

Impact

Successful exploitation allows remote attackers to to cause heap based buffer overflow leading to arbitrary code execution or denial of service condition. Impact Level: System/Application

Solution

Upgrade to RealPlayer version 16.0.1.18 or later, For updates refer to http://www.real.com/player

Insight

Flaw due to improper sanitization of user-supplied input when parsing MP4 files.

Affected

RealPlayer version 16.0.0.0 and prior

References

http://cxsecurity.com/cveshow/CVE-2013-1750
http://service.real.com/realplayer/security/03152013_player/en
http://www.osvdb.org/91438
http://www.scip.ch/en/?vuldb.8026

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1750

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Code Execution and DoS Vulnerabilities (Windows)
Adobe Air Multiple Vulnerabilities -01 May 13 (Windows)
Adobe Air Multiple Vulnerabilities - October 12 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Windows
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)

Take action and discover your vulnerabilities