icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

RealPlayer < 6.0.12.1212 vidplin.dll Crafted AVI Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote Windows host has RealPlayer software installed. There is a flaw in this version of the software that would allow an attacker to execute arbitrary code. An attacker exploiting this flaw would need to be able to convince a user to download and play a malicious media file. Upon execution, a local content-parsing bug would be triggered, enabling a local heap overflow and code execution.

Solution

Upgrade to version 6.0.12.1212 or higher.