Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Multiple Vulnerabilities in RealPlayer/RealOne Player Media Players

Feb 4, 2004 9:54PM PST

SecurityTracker Alert ID: 1008946
CVE Reference: GENERIC-MAP-NOMATCH
Date: Feb 4 2004

Impact: Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Advisory: NGSSoftware

Version(s): RealOne Player and RealPlayer 8

Description: Several buffer overflow vulnerabilities were reported in RealPlayer/RealOne Player. A remote user can create media content that, when loaded by the player, will execute arbitrary code.

NGSSoftware reported that a remote user can create specially crafted .RP, .RT, .RAM, .RPM, and .SMIL files that, when loaded by a target user, will trigger heap and stack based overruns in the player. The remote user can create HTML that, when loaded, will cause the media to be automatically loaded by the target user's player.

The overruns allow arbitrary code to be executed on the target system with the privileges of the target user, the report said.

The vendor was reportedly notified on December 23, 2003.

Impact: A remote user can cause arbitrary code to be executed by the target user's player when the target user's browser loads HTML that references malicious media files or when the target user's player loads malicious media files.

Solution: The vendor has released a fixed version. Update instructions are available at:

http://www.service.real.com/help/faq/security/040123_player/EN/

Vendor URL: www.service.real.com/help/faq/security/040123_player/EN/
Cause: Boundary error

Underlying OS: Linux (Any), MacOS, UNIX (AIX), UNIX (HP/UX), UNIX (SGI/IRIX), UNIX (Solaris - SunOS), Windows (Any)

Reported By: "NGSoftware Insight Security Research"

http://www.securitytracker.com/alerts/2004/Feb/1008946.html

Also in http://www.secunia.com/advisories/10796/

Discussion is locked