FreeBSD : linux-realplayer -- multiple vulnerabilities (f762ccbb-baed-11dc-a302-000102cc8983)

high Nessus Plugin ID 29866

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Secunia reports :

Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system.

An input validation error when processing .RA/.RAM files can be exploited to cause a heap corruption via a specially crafted .RA/.RAM file with an overly large size field in the header.

An error in the processing of .PLS files can be exploited to cause a memory corruption and execute arbitrary code via a specially crafted .PLS file.

An input validation error when parsing .SWF files can be exploited to cause a buffer overflow via a specially crafted .SWF file with malformed record headers.

A boundary error when processing rm files can be exploited to cause a buffer overflow.

Solution

Update the affected package.

See Also

https://www.real.com/

https://www.zerodayinitiative.com/advisories/ZDI-07-063.html

https://www.zerodayinitiative.com/advisories/ZDI-07-062.html

https://www.zerodayinitiative.com/advisories/ZDI-07-061.html

http://www.nessus.org/u?13891e93

Plugin Details

Severity: High

ID: 29866

File Name: freebsd_pkg_f762ccbbbaed11dca302000102cc8983.nasl

Version: 1.23

Type: local

Published: 1/7/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:linux-realplayer, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/4/2008

Vulnerability Publication Date: 10/25/2007

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2007-2263, CVE-2007-2264, CVE-2007-3410, CVE-2007-5081

CWE: 119

CERT: 759385

Secunia: 25819, 27361