|
|
Credit:
The information has been provided by Sebastian Apelt.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-10-167/
|
|
Vulnerable Systems:
* RealNetworks RealPlayer
Authentication is not required to exploit this vulnerability. The specific flaw exists within the module responsible for handling the FLV file format. While parsing the HX_FLV_META_AMF_TYPE_MIXEDARRAY and the HX_FLV_META_AMF_TYPE_ARRAY data types the ParseKnownType function makes two improper calculations that can force integers to wrap. A remote attacker can exploit these vulnerabilities to execute arbitrary code under the context of the user playing the file.
Patch Availability:
RealNetworks has issued an update to correct this vulnerability. More details can be found at:
http://service.real.com/realplayer/security/08262010_player/en/
CVE Information:
CVE-2010-3000
Disclosure Timeline:
2009-12-04 - Vulnerability reported to vendor
2010-08-26 - Coordinated public release of advisory
|
|