Summary
This host is installed with RealPlayer which is prone to multiple code execution vulnerabilities.
Impact
Successful exploitation will let the attacker execute arbitrary codes within the context of the application and can cause heap overflow or allow remote code execution.
Solution
Upgrade to RealPlayer version 10.5(6.0.12.1741) or 11.0.5 For updates refer to http://www.real.com/player
Insight
Buffer overflow errors exists, when processing a malformed 'ASM Rulebook', 'GIF file', 'media file', 'IVR file', 'SIPR Codec', 'SMIL file','Skin', and 'set_parameter' method.
Affected
RealPlayer versions before 10.5(6.0.12.1741) and
RealPlayer versions 11.0.0 through 11.0.4 on Windows platforms.
References
Severity
Classification
-
CVE CVE-2009-0375, CVE-2009-0376, CVE-2009-4241, CVE-2009-4242, CVE-2009-4243, CVE-2009-4244, CVE-2009-4245, CVE-2009-4246, CVE-2009-4247, CVE-2009-4248, CVE-2009-4257 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- 3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
- Buffer Overflow Vulnerability in Adobe Acrobat and Reader (Win)
- Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)
- Adobe Flash Player Buffer Overflow Vulnerability (Linux)
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)