|
|
|
|
| |
Credit:
The information has been provided by Omair.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=883
|
| |
Vulnerable Systems:
* Windows RealPlayer SP 1.1.4 and prior
* Linux RealPlayer 11.0.2.1744 and prior
The vulnerability specifically exists in the way RealPlayer handles specially crafted RealMedia video files.
When processing specially crafted RealMedia files, RealPlayer uses a value from the file to control a loop operation. Realplayer fails to validate the value before using it, which leads to heap memory corruption and an exploitable condition.
Successful exploitation could allow attackers to execute arbitrary code in the context of the current user. To exploit this vulnerability, an attacker must persuade a victim into using RealPlayer to open a specially crafted media file. This could be accomplished by either direct link or referenced from a website under the attacker's control. An attacker could host a Web page containing a malformed file. Upon visiting the malicious Web page exploitation would occur and execution of arbitrary code would be possible. Alternatively a malicious media file could be attached within an e-mail file.
CVE Information:
CVE-2010-4386
Disclosure Timeline:
04/14/2010 Initial Contact
04/14/2010 Initial Response
12/10/2010 Coordinated public disclosure
|
|
|
|
|
