Arbitrary Code Execution Vulnerability in RealPlayer - 28 Oct 2004

Reported October 28, 2004, by  eEye Digital Security

VERSIONS AFFECTED

  • RealPlayer 10.5 (6.0.12.1053 and earlier)
  • RealPlayer 10
  • RealOne Player versions 1 and 2

 

DESCRIPTION
A vulnerability in RealPlayer could result in the remote execution of arbitrary code on the vulnerable system. When an .rjs file containing a long filename (larger than about 0x8000 bytes) is opened, either in RealPlayer or through a Web browser, a stack-based buffer overflow occurs, allowing an exception-handler record to be overwritten and the Execution Instruction Point (EIP) to be hijacked.

VENDOR RESPONSE
The author, RealNetworks, has released a patch (available via the Check for Update menu item under Tools on the RealPlayer menu bar) to address this vulnerability.

CREDIT
Discovered by eEye Digital Security.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish