APP: RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption
This signature detects attempts to exploit a known flaw in RealNetworks RealPlayer. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted MPEG file. Successful exploitation can lead to the injection and execution of arbitrary code in the context of the currently logged in user.
Extended Description
Real Networks RealPlayer is prone to multiple security vulnerabilities. Real Networks released an advisory regarding 19 security vulnerabilities in RealPlayer. Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected application. Other attacks may also be possible. The following versions are affected: RealPlayer 11.0 to 11.1 RealPlayer SP 1.0 to 1.1.5 RealPlayer 14.0.0 to 14.0.7 Mac RealPlayer 12.0.0.1701
Affected Products
Real_networks realplayer
Short Name
APP:REAL:REAL-MPG-WIDTH
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2011-4259 Corruption Integer MPG Memory RealNetworks RealPlayer Underflow Width bid:50741
Release Date
01/05/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Real_networks
CVSS Score
9.3