RealPlayer / RealOne Player for Windows Multiple Vulnerabilities (2005-06-23)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows application is affected by multiple
vulnerabilities.

Description :

According to its build number, the installed version of RealPlayer /
RealOne Player for Windows has several vulnerabilities :

- A malicious MP3 file can be used to overwrite an
arbitrary file or execute an ActiveX control.

- Using a specially crafted RealMedia file, an attacker
may be able to cause a heap overflow and run arbitrary
code within the context of the affected application.

- Using a specially crafted AVI file, an attacker may
be able to cause a buffer overflow and run arbitrary
code within the context of the affected application.

- A malicious website may be able to cause a local HTML
file to be created that triggers an RM file to play
which would then reference the local HTML file.

See also :

http://www.nessus.org/u?dc045348
http://research.eeye.com/html/advisories/published/AD20050623.html
http://www.securityfocus.com/archive/1/403535/30/0/threaded
http://service.real.com/help/faq/security/050623_player/EN/

Solution :

Upgrade according to the vendor advisory referenced above.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 18558 ()

Bugtraq ID: 13530
14048
14073

CVE ID: CVE-2005-1766
CVE-2005-2052

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now