RealPlayer for Windows < Build 22.214.171.1248 Multiple Vulnerabilities
High Nessus Plugin ID 25573
SynopsisThe remote Windows application is affected by a buffer overflow vulnerability.
DescriptionAccording to its build number, the installed version of RealPlayer on the remote Windows host contains a stack-based buffer overflow that can be triggered by a specially crafted SMIL file, perhaps accessed over the web using the CLSID 'CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA'.
A remote attacker may be able to exploit this issue to execute arbitrary code subject to the user's privileges on the affected host.
SolutionUpgrading to the latest version of the product supposedly resolves the issue, although the vendor has not confirmed that.