Summary
This host is installed with RealPlayer which is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code on the system or cause the application to crash.
Impact Level: System/Application
Solution
Upgrade to RealPlayer version 15.0.6.14 or later,
For updates refer to http://www.real.com/player
Insight
Multiple errors caused, when
- Unpacking AAC stream
- Decoding AAC SDK
- Handling RealMedia files, which can be exploited to cause a buffer overflow.
Affected
RealPlayer versions 11.x, 14.x and 15.x through 15.0.2.72 RealPlayer SP versions 1.0 through 1.1.5 (12.0.0.879) on Windows
References
Severity
Classification
-
CVE CVE-2012-2407, CVE-2012-2408, CVE-2012-2409, CVE-2012-2410, CVE-2012-3234 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - October 12 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Air Multiple Vulnerabilities -01 August 12 (Windows)
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)