RealPlayer for Windows < Multiple Vulnerabilities

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

A multimedia application on the remote Windows host is affected by
multiple vulnerabilities.

Description :

According to its build number, the installed version of RealPlayer on
the remote Windows host is earlier than As such, it is
affected by multiple vulnerabilities :

- A memory corruption error exists related to the
handling of 'MP4' files. (CVE-2012-1904)

- An unspecified error exists related to the parsing of
'RealMedia ASMRuleBook' files that can lead to remote
arbitrary code execution. (CVE-2012-2406)

- A buffer overflow exists related to the parsing of
'RealJukebox Media' content. (CVE-2012-2411)

See also :

Solution :

Upgrade to RealPlayer or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.4
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 59173 ()

Bugtraq ID: 52706

CVE ID: CVE-2012-1904

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now