Skip to main content

RealPlayer Multiple Vulnerabilities

Last Update Date: 11 Sep 2012 10:18 Release Date: 11 Sep 2012 5110 Views

RISK: High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in RealPlayer, which can be exploited by malicious people to compromise a user's system.

  1. An error when unpacking AAC stream data can be exploited to cause a buffer overflow.
  2. An error when decoding AAC SDK can be exploited to corrupt heap memory.
  3. An error when handling RealMedia files can be exploited to cause a buffer overflow.
  4. Another error when handling RealMedia files can be exploited to cause a buffer overflow.

NOTE: Additionally, a weakness exists when parsing codec frame size, which can lead to a crash.


Impact

  • Remote Code Execution

System / Technologies affected

  • For Windows: RealPlayer versions 15.0.2.72 and prior.
  • For Mac: Mac RealPlayer versions 12.0.0.1701 and prior.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • For Windows: Update to version 15.0.3.37 or later.
  • For Mac: Update to version 12.0.1.1750.

Vulnerability Identifier


Source


Related Link