1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




RealPlayer Playlist Handling Buffer Overflow Vulnerability

Report ID: SA27248
Source: Secunia
Date of Discovery: 22.10.2007
Criticality: Critical
Affects:
RealOne Player 1.x
RealOne Player 2.x
RealPlayer 10.x

Compromise From: From remote
Compromise Type: System access

Summary

A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.

Detailed Description

A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a signedness error in MPAMedia.dll when handling playlist names. This can be exploited to cause a stack-based buffer overflow by e.g. importing a file into a specified playlist with an overly long name via the RealPlayer IERPCtl ActiveX control (ierpplug.dll).

Successful exploitation allows execution of arbitrary code.

NOTE: The vulnerability is currently being actively exploited.

Solution

Apply patch for RealPlayer 10.5 and 11 beta:
http://service.real.com/realplayer/security/191007_player/en/securitydb.rnx

The vendor recommends users of RealPlayer 10 and RealOne v1 and v2 to upgrade to version 10.5 and apply the patch.

NOTE: According to the vendor, RealPlayer 8 and prior versions for Windows are not affected. Versions for Macintosh and Linux are also not affected.

Original Reference

-

CVE Reference

CVE-2007-5601