|
|
|
|
| |
Credit:
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=838
|
| |
Vulnerable Systems:
* Windows RealPlayer 11.0.0 - 11.0.4
* Windows RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741)
* Mac RealPlayer 10
* Linux RP10
This problem specifically exists in the CMediumBlockAllocator::Alloc method. When calculating the size of a memory allocation, an integer overflow occurs. This leads to heap corruption, which can result in the execution of arbitrary code.
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the user executing Real Player.
To be successful, an attacker must persuade a user to use Real Player to view specially crafted media. This could be accomplished via a Web page or direct link to the malicious media.
Patch Availability:
RealNetworks has released a patch which addresses this issue. Information about downloadable vendor updates can be found by clicking on the following URL:
http://service.real.com/realplayer/security/01192010_player/en/
CVE Information:
CVE-2009-4248
Disclosure Timeline:
01/11/2008 Initial Contact
01/11/2009 Initial Response
02/01/2010 Coordinated public disclosure.
|
|
|
|
|
