APP: RealMedia RAM File Processing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in RealNetworks RealPlayer products. A successful attack can lead to arbitrary code execution.
Extended Description
RealNetworks RealPlayer Enterprise is reported prone to a buffer overflow vulnerability. It is reported that the issue manifests when a malicious RAM file is parsed. A remote attacker may exploit this vulnerability to execute arbitrary code in the context of a user that uses a vulnerable version of the media player to load a malicious RAM file.
Affected Products
Real_networks realone_player
References
BugTraq: 13264
CVE: CVE-2004-0550
URL: http://pb.specialised.info/all/adv/real-ram-adv.txt http://service.real.com/help/faq/security/050419_player/EN/
Short Name
APP:REAL:RAM-FILE-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2004-0258 CVE-2004-0550 CVE-2005-0755 File Overflow Processing RAM RealMedia bid:13264
Release Date
05/03/2005
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Red_hat
Real_networks
CVSS Score
7.5
7.6
5.1