APP: RealPlayer Malicious Skin Download

This signature detects attempts to exploit a known vulnerability in RealPlayer. Attackers can craft a malicious skin file that, if a user downloads it, allows the attacker to execute arbitrary code in the context of the user.

Extended Description

DynaZip is susceptible to a stack-based buffer-overflow vulnerability. This issue is due to the library's failure to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. A remote attacker may exploit this vulnerability to execute arbitrary instructions in the context of an application that uses the affected library. The following applications are known to include vulnerable versions of the affected library:

- RealPlayer for Microsoft Windows
- RealOne Player for Microsoft Windows
- CheckMark Payroll 2004/2005

Other applications also likely include the vulnerable library.

Affected Products

Ibm lotus_notes

Short Name
APP:REAL:PLAYER-MAL-SKIN
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2004-1094 CVE-2005-2630 Download Malicious RealPlayer Skin bid:11555 bid:15382
Release Date
11/03/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3724
False Positive
Unknown
Vendors

Dtsearch_corp

Ibm

Mcafee

Innermedia

Real_networks

Checkmark_software_inc.

CVSS Score

10.0

5.1
