RealPlayer for Windows < 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 4608

Synopsis

The remote Windows application is affected by at least one security vulnerability.

Description

According to its version number, the installed version of RealPlayer / RealPlayer Enterprise on the remote Windows host suffers from possibly several issues :

- Heap memory corruption issues in several ActiveX controls can lead to arbitrary code execution (CVE-2008-1309).
- An unspecified local resource reference vulnerability (CVE-2008-3064).
- An SWF file heap-based buffer overflow (CVE-2007-5400).
- A buffer overflow involving the 'import()' method in an ActiveX control implemented by the 'rjbdll.dll' module could result in arbitrary code execution (CVE-2008-3066).

Note that RealPlayer 11 (builds 6.0.14.738 - 6.0.14.802) are only affected by the first issue (CVE-2008-1309).
Note that the vendor's advisory states that version numbers for RealPlayer 10.5 are not sequential.

Solution

Upgrade to RealPlayer 11.0.3 (build 6.0.14.806) / RealPlayer 10.5 (build 6.0.12.1675) or higher.

See Also

http://secunia.com/secunia_research/2007-93/advisory

http://www.zerodayinitiative.com/advisories/ZDI-08-046

http://www.securityfocus.com/archive/1/494778/30/0/threaded

http://www.zerodayinitiative.com/advisories/ZDI-08-047

http://www.securityfocus.com/archive/1/494779/30/0/threaded

http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0540.html

http://service.real.com/realplayer/security/07252008_player/en

http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0157.html

Plugin Details

Severity: Medium

ID: 4608

Family: Web Clients

Published: 2008/08/04

Modified: 2016/01/19

Dependencies: 1735, 8314

Nessus ID: 33744

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:realnetworks:realplayer

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (RealPlayer rmoc3260.dll ActiveX Control Heap Corruption)

Reference Information

CVE: CVE-2007-5400, CVE-2008-1309, CVE-2008-3064, CVE-2008-3066

BID: 28157, 30370, 30376, 30378, 30379