This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote Windows application is affected by at least one security
According to its build number, the installed version of RealPlayer /
on the remote Windows host suffers from possibly several issues :
- Heap memory corruption issues in several ActiveX
controls can lead to arbitrary code execution.
- An unspecified local resource reference vulnerability.
- An SWF file heap-based buffer overflow. (CVE-2007-5400)
- A buffer overflow involving the 'import()' method in an
ActiveX control implemented by the 'rjbdll.dll' module
could result in arbitrary code execution.
Note that RealPlayer 11 (builds 184.108.40.2068 - 220.127.116.112) are only affected
by the first issue (CVE-2008-1309).
See also :
Upgrade to RealPlayer 11.0.3 (build 18.104.22.1686) / RealPlayer 10.5
(build 22.214.171.1245) or later.
Note that the vendor's advisory states that build numbers for
RealPlayer 10.5 are not sequential.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true