RealPlayer for Windows < Build Multiple Buffer Overflows

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows application is affected by multiple buffer
overflow vulnerabilities.

Description :

According to its build number, the installed version of RealPlayer on
the remote Windows host has multiple buffer overflow vulnerabilities :

- A RealPlayer 'ASM' Rulebook heap-based overflow.

- A RealPlayer 'GIF' file heap overflow. (CVE-2009-4242)

- A RealPlayer media overflow ('http' chunk encoding).

- A RealPlayer 'IVR' file processing buffer overflow.

- A RealPlayer 'IVR' file heap overflow. (CVE-2009-0376)

- A RealPlayer 'SIPR' codec heap overflow. (CVE-2009-4244)

- A RealPlayer compressed 'GIF' heap overflow.

- A RealPlayer 'SMIL' parsing heap overflow.

- A RealPlayer skin parsing stack overflow.

- A RealPlayer 'ASM' RuleBook Array Overflow.

- A RealPlayer 'rtsp' set_parameter buffer overflow.

See also :

Solution :

Upgrade to RealPlayer SP 1.0.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now