SynopsisA multimedia application on the remote Windows host is affected by multiple vulnerabilities.
DescriptionAccording to its build number, the installed version of RealPlayer on the remote Windows host is earlier than 184.108.40.206. As such, it is affected by multiple vulnerabilities :
- Errors exist related to 'rvrender RMFF' flags, 'RV20' frame size arrays, 'VIDOBJ_START_CODE', 'RV40', 'RV10', 'coded_frame_size' and 'Atrac' sample decoding and can result in remote, arbitrary code execution. (CVE-2012-0922, CVE-2012-0923, CVE-2012-0924, CVE-2012-0925, CVE-2012-0926, CVE-2012-0927, CVE-2012-0928)
SolutionUpgrade to RealPlayer 220.127.116.11 or later.
File Name: realplayer_15_0_2_71.nasl
Supported Sensors: Nessus Agent
Temporal Vector: E:U/RL:OF/RC:C
Required KB Items: SMB/RealPlayer/Product, SMB/RealPlayer/Build
Exploit Ease: No known exploits are available
Patch Publication Date: 2/6/2012
Vulnerability Publication Date: 2/6/2012
CVE: CVE-2012-0922, CVE-2012-0923, CVE-2012-0924, CVE-2012-0925, CVE-2012-0926, CVE-2012-0927, CVE-2012-0928
BID: 51883, 51884, 51885, 51887, 51888, 51889, 51890