Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:STREAM:REAL-AVI |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
RealNetworks RealPlayer AVI Parsing Buffer Overflow |
Release Date |
2010/09/28 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: RealNetworks RealPlayer AVI Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability against RealNetworks Realplayer. Attacker can create a malicious Web site, containing dangerous AVI files, which if accessed by a victim, allows the attacker to gain control of victim's computer.
Extended Description
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.
Affected Products
- Realnetworks realone_player 1.0
- Realnetworks realone_player 2.0
- Realnetworks realplayer 10.0
- Realnetworks realplayer 10.5_6.0.12.1040
- Realnetworks realplayer 10.5_6.0.12.1069
- Realnetworks realplayer 8.0
- Realnetworks realplayer (:enterprise)
References
- BugTraq: 13530
- CVE: CVE-2005-2052
- URL: http://service.real.com/help/faq/security/050623_player/EN/