Detections
Analytics

RealPlayer / RealOne Player for Windows Multiple Vulnerabilities (2005-06-23)

high Nessus Plugin ID 18558

Synopsis

The remote Windows application is affected by multiple vulnerabilities.

Description

According to its build number, the installed version of RealPlayer / RealOne Player for Windows has several vulnerabilities :

 - A malicious MP3 file can be used to overwrite an arbitrary file or execute an ActiveX control.

 - Using a specially crafted RealMedia file, an attacker may be able to cause a heap overflow and run arbitrary code within the context of the affected application.

 - Using a specially crafted AVI file, an attacker may be able to cause a buffer overflow and run arbitrary code within the context of the affected application.

 - A malicious website may be able to cause a local HTML file to be created that triggers an RM file to play which would then reference the local HTML file.

Solution

Upgrade according to the vendor advisory referenced above.

See Also

http://www.nessus.org/u?dc045348

https://www.beyondtrust.com/resources/blog/research/

https://www.securityfocus.com/archive/1/403535/30/0/threaded

http://service.real.com/help/faq/security/050623_player/EN/

Plugin Details

Severity: High

ID: 18558

File Name: realplayer_realtext_parsing_overflow.nasl

Version: 1.25

Type: local

Agent: windows

Family: Windows

Published: 6/24/2005

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:realnetworks:realplayer

Required KB Items: SMB/RealPlayer/Product, SMB/RealPlayer/Build

Exploit Ease: No known exploits are available

Patch Publication Date: 6/23/2005

Vulnerability Publication Date: 6/23/2005

Reference Information

CVE: CVE-2005-1766, CVE-2005-2052

BID: 13530, 14048, 14073