RealPlayer IERPCtl ActiveX Control Playlist Handling Remote Buffer Overflow Vulnerability
| Release Date: | 22/10/2007 | Severity: | Extremely Critical |
| SecWatch Advisory: | SWID1019326 | Cause: | Not specified |
| Solution Status: | Vendor Patch | Impact: | Execution of arbitrary code |
| Exploit Status: | None Available | Access Vector: | From remote |
| Affected Software: | RealOne Player v1, RealOne Player v2, RealPlayer 10.x |
| Original Advisory: | http://service.real.com/realplayer/security/191007_player/en/ http://www.symantec.com/enterprise/security_response/weblog/2007/10/re.. |
| References: | FrSIRT/ADV-2007-3548 |
| CVE: | CVE-2007-5601 |
| US Cert: | VU#871673 |
| Secunia: | SA27248 |
| Bugtraq ID: | BID#26130 |
Description:
A vulnerability has been discovered in RealPlayer that remote attackers can exploit to compromise a user's system.
The IERPCtl ActiveX control (ierpplug.dll) contains an error in its handling of crafted playlists with overly long filenames. This can be exploited to cause a stack-based buffer overflow and execute arbitrary code.
Solution:
The vulnerability has been fixed. Apply the patch for RealPlayer 10.5 and 11 beta:
http://service.real.com/realpl...91007_player/en/securitydb.rnx
Credits:
Symantec
Related Vulnerabilities and Exploits
26 Oct 07: RealNetworks Products Multiple Remote Buffer Overflows Vulnerabil..
27 Jun 07: RealPlayer/Helix Player SMIL wallclock Remote Buffer Overflow Vul..
28 Mar 06: RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer.. (RealPlayer_swf.pl)
23 Mar 06: RealNetworks Products Multiple Remote Buffer Overflow Vulnerabili..
01 May 07: RealPlayer 10 .ra File Handling Remote Denial.. (RealPlayer_RA_DoS.py)

- 28 May 2008