| Short Name | APP:REAL:MAL-FLV-FILE |
|---|---|
| Severity | Major |
| Recommended | No |
| Recommended Action | Drop |
| Category | APP |
| Keywords | RealNetworks RealPlayer FLV Parsing Two Integer Overflow Vulnerabilities |
| Release Date | 2010/10/25 |
| Update Number | 1798 |
| Supported Platforms | idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit two known remote code execution vulnerabilities in RealNetworks RealPlayer. The vulnerabilities are caused by two integer overflow errors that occur while parsing ECMA Array and Strict Array type data in FLV files. An attacker can leverage these by enticing a target user to open a crafted IVR file. A successful attack allows the attacker to execute arbitrary code in the security context of the logged-in user. An unsuccessful attack can cause an abnormal termination of the affected product.

RealNetworks RealPlayer and RealPlayer SP are prone to multiple security vulnerabilities, including remote code-execution issues, an unauthorized access issue, a potential denial-of-service issue, and an unspecified issue. Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected application, cause denial-of-service conditions, or access files without proper authorization. Other attacks may also be possible. RealPlayer 11.1 and RealPlayer SP 1.1.4 and prior are vulnerable.