Check Point Advisories

Preemptive Protection against RealNetworks RealPlayer ActiveX Import Method Buffer Overflow Vulnerability

Check Point Reference: CPAI-2008-109
Date Published: 29 Jul 2008
Severity: High
Last Updated: Tuesday 01 January, 2008
Source: Secunia Advisory: SA27620
Industry Reference:CVE-2008-3066
Protection Provided by:
Who is Vulnerable? RealNetworks RealPlayer for Windows 10
RealNetworks RealPlayer for Windows 10.5
RealNetworks RealPlayer Enterprise
Vulnerability Description A buffer overflow vulnerability has been reported in RealNetworks RealPlayer application. RealNetworks RealPlayer and RealOne Player are media player applications that are capable of playing back numerous multimedia file formats. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable system.
Update/Patch AvaliableUpdate your product to the latest version:
Real
Vulnerability DetailsThe vulnerability is due to an error in a RealPlayer ActiveX control that fails to properly handle deletion of media library files. To trigger this issue, an attacker may create a malicious web page that will exploit this vulnerability. Successful exploitation may allow execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK