Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:REAL:RAM-FILE-OF

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 RealMedia RAM File Processing Buffer Overflow

Release Date

 2005/05/03

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: RealMedia RAM File Processing Buffer Overflow


This signature detects attempts to exploit a known vulnerability in RealNetworks RealPlayer products. A successful attack can lead to arbitrary code execution.

Extended Description

RealNetworks RealPlayer Enterprise is reported prone to a buffer overflow vulnerability. It is reported that the issue manifests when a malicious RAM file is parsed. A remote attacker may exploit this vulnerability to execute arbitrary code in the context of a user that uses a vulnerable version of the media player to load a malicious RAM file.

Affected Products

  • Real_networks helix_player_for_linux 1.0.0
  • Real_networks helix_player_for_linux 1.0.1
  • Real_networks helix_player_for_linux 1.0.2
  • Real_networks helix_player_for_linux 1.0.3
  • Real_networks realone_player 1.0.0
  • Real_networks realone_player 6.0.11 .818
  • Real_networks realone_player 6.0.11 .830
  • Real_networks realone_player 6.0.11 .840
  • Real_networks realone_player 6.0.11 .853
  • Real_networks realone_player 6.0.11 .868
  • Real_networks realone_player 6.0.11 .872
  • Real_networks realone_player_for_osx 9.0.0 .288
  • Real_networks realone_player_for_osx 9.0.0 .297
  • Real_networks realplayer 10.0.0
  • Real_networks realplayer 10.5.0 V6.0.12.1040
  • Real_networks realplayer 10.5.0 V6.0.12.1053
  • Real_networks realplayer 10.5.0 V6.0.12.1056
  • Real_networks realplayer 8.0.0 Mac
  • Real_networks realplayer 8.0.0 Unix
  • Real_networks realplayer 8.0.0 Win32
  • Real_networks realplayer_10_for_linux
  • Real_networks realplayer_10_for_mac_os 10.0.0.305
  • Real_networks realplayer_10_for_mac_os 10.0.0.325
  • Real_networks realplayer_10_for_mac_os
  • Real_networks realplayer_enterprise 1.1.0
  • Real_networks realplayer_enterprise 1.2.0
  • Real_networks realplayer_enterprise 1.5.0
  • Real_networks realplayer_enterprise 1.6.0
  • Real_networks realplayer_enterprise 1.7.0
  • Real_networks realplayer_enterprise
  • Real_networks realplayer_for_unix 10.0.3
  • Red_hat desktop 3.0.0
  • Red_hat enterprise_linux_as 3
  • Red_hat enterprise_linux_es 3
  • Red_hat enterprise_linux_ws 3

References

  • BugTraq: 13264
  • CVE: CVE-2004-0550
  • CVE: CVE-2005-0755
  • CVE: CVE-2004-0258
  • URL: http://pb.specialised.info/all/adv/real-ram-adv.txt
  • URL: http://service.real.com/help/faq/security/050419_player/EN/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out