RealPlayer Skin File Handling Buffer Overflow
Medium Nessus Network Monitor Plugin ID 2381
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running a version of RealPlayer which is vulnerable to an overflow via a malformed skin file. As skin files are downloaded, typically, without any sort of warning or prompt to the user, the remote attacker need only create a website with a malformed skins file and entice the user to visit the site.
SolutionUpgrade or patch according to vendor recommendations.