Intrusion Prevention

RealNetworks.RealPlayer.RA.Header.Heap.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in several RealNetworks products.
The vulnerability is due to boundary errors that occur when processing RealAudio files. A remote attacker can exploit this by enticing a user to open a crafted RA file.

Affected Products

RealNetworks, RealPlayer, 10.0, Unknown, Windows
RealNetworks, RealPlayer, 10.0, 10.0.0.352, Mac
RealNetworks, RealPlayer, 10.0, 10.0.0.305, Mac
RealNetworks, RealPlayer, 10.0, 10.0.0.331, Mac
RealNetworks, RealPlayer, 10.0, 10.0.9, Linux
RealNetworks, RealPlayer, 10.0, 10.0.8, Linux
RealNetworks, RealPlayer, 10.0, 10.0.7, Linux
RealNetworks, RealPlayer, 10.0, 10.0.6, Linux
RealNetworks, RealPlayer, 10.0, 10.0.5, Linux
RealNetworks, RealPlayer, 10.5, 6.0.12.1040, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1578, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1698, Windows
RealNetworks, RealPlayer, 10.5, 6.0.12.1741, Windows
RealNetworks, RealOne Player, 2.0, Unknown, Windows
RealNetworks, RealOne Player, Unknown, Unknown, Mac, En
RealNetworks, RealPlayer Enterprise, Unknown, Unknown, Windows, En
RealNetworks, RealPlayer, 8.0
RealNetworks, RealOne Player, 1.0, Unknown, Windows, En
RealNetworks, RealPlayer, 10.1, 10.0.0. 481, Mac
RealNetworks, RealPlayer, 10.1, 10.0.0.396, Mac
RealNetworks, RealPlayer, 10.1, 10.0.0.412, Mac

Impact

System Compromise: remote code execution.

Recommended Actions

Refer to the RealNetworks Customer Support - Real Security Updates web page for upgrade information:
http://www.service.real.com/realplayer/security/10252007_player/en/.

CVE References

CVE-2007-2264