APP: RealPlayer Local File Security Bypass
This signature detects attempts to exploit a known vulnerability in the RealMedia RealPlayer program. An attacker can send a malicious .rm file to a user, which upon opening, could run other programs previously placed there by the attacker. The programs are run without user intervention. This attack requires the actual attack code to be placed on the target host's hard drive through some other means.
Extended Description
Successful exploitation of this vulnerability could allow an attacker to execute malicious code on a remote machine by bypassing system security features.
Short Name
APP:REAL:PLAYER-FILE-SEC-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
Bypass CVE-2005-2055 File Local RealPlayer Security
Release Date
03/08/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
False Positive
Unknown
CVSS Score
5.0