J-Security Center

Title: RealNetworks RealOne Player/RealPlayer SMIL File Remote Stack Based Buffer Overflow Vulnerability

Severity: HIGH

Description:

RealNetworks RealPlayer and RealOne Player are media players that are available for various operating systems, including Microsoft Windows, Linux, and Mac OS.

RealNetworks RealPlayer and RealOne Player are reported prone to a remote stack-based buffer overflow vulnerability. The issue exists because the application does not perform boundary checks when parsing Synchronized Multimedia Integration Language (SMIL) files. A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access.

RealPlayer and RealOne Player both support the SMIL file format. A remote buffer overflow vulnerability exists in the 'CSmil1Parser::testAttributeFailed()' function of the 'smlparse.cpp' file. It is reported that an attacker can trigger this condition by supplying an excessive value for the 'system-screen-size' attribute in a malformed SMIL file. Specifically, a 'system-screen-size' value larger than 256 bytes can overflow a fixed-size buffer because the value is copied with a strcpy() operation.
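The unchecked copy described above, next to a length-checked form, as an added illustration that is not RealNetworks source code. The function names, the 256-byte buffer size (taken from the advisory's figure) and the height "X" width value syntax are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define ATTR_BUF_SIZE 256 /* assumption: taken from the advisory's 256-byte figure */

/* Unsafe pattern (hypothetical reconstruction): strcpy() copies until the
 * NUL terminator, so a longer value writes past the end of buf. */
int screen_size_unsafe(const char *value, int *height, int *width)
{
    char buf[ATTR_BUF_SIZE];
    strcpy(buf, value); /* no bounds check */
    return sscanf(buf, "%dX%d", height, width) == 2 ? 0 : -1;
}

/* Hardened form: measure first, reject (do not truncate) oversized input,
 * then validate the value. Returns 0 on success, -1 on rejection. */
int screen_size_checked(const char *value, int *height, int *width)
{
    char buf[ATTR_BUF_SIZE];
    char extra;
    size_t len;

    if (value == NULL || height == NULL || width == NULL)
        return -1;
    for (len = 0; value[len] != '\0'; len++)
        if (len + 1 >= ATTR_BUF_SIZE)
            return -1; /* 256 bytes or more: no room for the terminator */
    memcpy(buf, value, len + 1); /* len + 1 <= ATTR_BUF_SIZE, includes NUL */
    /* assumed syntax: height "X" width, both integers greater than 0 */
    if (sscanf(buf, "%dX%d%c", height, width, &extra) != 2)
        return -1; /* malformed value or trailing bytes */
    return (*height > 0 && *width > 0) ? 0 : -1;
}

int main(void)
{
    char big[1024]; /* constructed oversized value */
    int h = 0, w = 0;

    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("480X640   -> %d\n", screen_size_checked("480X640", &h, &w));
    printf("oversized -> %d\n", screen_size_checked(big, &h, &w));
    return 0;
}
```

Rejecting the oversized value outright, instead of truncating it, keeps a malformed file from being silently accepted with a shortened attribute.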

A remote attacker may exploit this vulnerability to execute arbitrary instructions in the context of a user that processes a malformed file through the affected application.

This vulnerability is reported to exist in RealNetworks products for Microsoft Windows, Linux, and Apple Mac platforms.

Affected Products:

  • Real Networks Helix Player for Linux 1.0.0
  • Real Networks RealOne Player 1.0.0
  • Real Networks RealOne Player 6.0.11 .818
  • Real Networks RealOne Player 6.0.11 .830
  • Real Networks RealOne Player 6.0.11 .840
  • Real Networks RealOne Player 6.0.11 .841
  • Real Networks RealOne Player 6.0.11 .853
  • Real Networks RealOne Player 6.0.11 .868
  • Real Networks RealOne Player 6.0.11 .872
  • Real Networks RealOne Player for OSX 9.0.0 .288
  • Real Networks RealOne Player for OSX 9.0.0 .297
  • Real Networks RealPlayer 10 for Linux
  • Real Networks RealPlayer 10 for Mac OS
  • Real Networks RealPlayer 10.0.0
  • Real Networks RealPlayer 10.5.0 v6.0.12.1040
  • Real Networks RealPlayer 10.5.0 v6.0.12.1053
  • Real Networks RealPlayer 10.5.0 v6.0.12.1056
  • Real Networks RealPlayer 8.0.0 Win32
  • Real Networks RealPlayer Enterprise
  • Real Networks RealPlayer Enterprise 1.1.0
  • Real Networks RealPlayer Enterprise 1.2.0
  • Real Networks RealPlayer Enterprise 1.5.0
  • Real Networks RealPlayer Enterprise 1.6.0
  • Real Networks RealPlayer For Unix 10.0.3
  • RedHat Fedora Core3
  • S.u.S.E. Linux Personal 9.2.0
  • S.u.S.E. Linux Personal 9.3.0
  • S.u.S.E. cvsup-16.1h-36.i586.rpm
  • S.u.S.E. cvsup-16.1h-43.i586.rpm
