Select local site

F-Secure Vulnerability Information :
RealPlayer Playlist Handling Buffer Overflow Vulnerability
[Summary] | [Detailed Description] | [Solution] | [CVE Reference]

Report ID:SA27248
Source:Secunia
Date of Discovery:22.10.2007
Criticality:Critical
Affects:

RealOne Player 1.x
RealOne Player 2.x
RealPlayer 10.x
Compromise From:From remote
Compromise Type:System access
Summary

A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user"s system.
Back to the Top

Detailed Description

A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user"s system.

The vulnerability is caused due to a signedness error in MPAMedia.dll when handling playlist names. This can be exploited to cause a stack-based buffer overflow by e.g. importing a file into a specified playlist with an overly long name via the RealPlayer IERPCtl ActiveX control (ierpplug.dll).

Successful exploitation allows execution of arbitrary code.

NOTE: The vulnerability is currently being actively exploited.
Back to the Top

Solution

Apply patch for RealPlayer 10.5 and 11 beta:
http://service.real.com/realplayer/security/191007_player/en/securitydb.rnx

The vendor recommends users of RealPlayer 10 and RealOne v1 and v2 to upgrade to version 10.5 and apply the patch.

NOTE: According to the vendor, RealPlayer 8 and prior versions for Windows are not affected. Versions for Macintosh and Linux are also not affected.
Back to the Top

CVE Reference
CVE-2007-5601
Back to the Top

F-Secure Corporation