HTTP: RealMedia RealPlayer Ierpplug.DLL ActiveX Control Overflow
This signature detects attempts to use unsafe ActiveX controls used by RealMedia RealPlayer. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Real Networks RealPlayer SP is prone to a remote code-execution vulnerability because it fails to sufficiently validate user-supplied data. Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control. Versions prior to and including RealPlayer SP 1.1 for Windows are vulnerable. NOTE: This issue was previously discussed in BID 44144 (Real Networks RealPlayer SP and RealPlayer Enterprise Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
Real_networks realplayer_sp
Short Name
HTTP:STC:ACTIVEX:REAL-IERPCTL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2006-6847 CVE-2007-5601 CVE-2008-3066 CVE-2010-3749 Control Ierpplug.DLL Overflow RealMedia RealPlayer bid:22811 bid:26130 bid:30379 bid:44443
Release Date
01/19/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Real_networks
CVSS Score
9.3
5.0