RealNetworks RealPlayer Multiple Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with RealPlayer which is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attacker to execute arbitrary codes within the context of the application.

Solution

Upgrade to RealPlayer SP version 1.1.5, For updates refer to http://www.real.com/player

Insight

The multiple flaws are due to, - Array index error in the player, which allows attackers to execute arbitrary code via a malformed header in a RealMedia '.IVR' file. - Unspecified errors in the player, which allows attackers to bypass intended access restrictions on files via unknown vectors.

Affected

RealNetworks RealPlayer 11.0 to 11.1 on Windows platform.

References

http://service.real.com/realplayer/security/08262010_player/en/
http://xforce.iss.net/xforce/xfdb/61424
http://xforce.iss.net/xforce/xfdb/61426

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2996, CVE-2010-3002

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Windows
Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)

Take action and discover your vulnerabilities