Real Networks RealPlayer < 14.0.1.609 (Build 12.0.1.609) Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 5709

Synopsis

The remote host is running an application that is vulnerable to multiple attack vectors.

Description

The remote host is running RealPlayer, a multi-media application.

RealPlayer builds earlier than 12.0.1.609 are potentially affected by vulnerabilities :

- An uncontrolled array index vulnerability exists in RealMedia media properties. (CVE-2010-4384)

- A heap overflow vulnerability exists in multi-rate audio handling. (CVE-2010-4375)

- A heap corruption vulnerability exists in the SMIL file format StreamTitle. (CVE-2010-2997)

- An integer overflow exists in AAC MLLT Atom parsing. (CVE-2010-2999)

- An integer overflow exists in AAC TIT2 Atom parsing. (CVE-2010-4397)

- A heap overflow vulnerability exists in RTSP GIF parsing. (CVE-2010-4376)

- A heap corruption vulnerability exist in the Cook Audio Codec. (CVE-2010-4377)

- A heap corruption vulnerability exists in RV20 parsing. (CVE-2010-4378)

- An error exists in the Cook codec initialization function. (CVE-2010-0121)

- A memory access vulnerability exists in the Cook codec relating to an uninitialized number of channels. (CVE-2010-2579)

- An unspecified vulnerability exists in AAC spectral data parsing. (CVE-2010-0125)

- A heap overflow vulnerability exists in SIPR. (CVE-2010-4379)

- A heap overflow exists in SOUND. (CVE-2010-4380)

- A heap overflow exists in AAC. (CVE-2010-4381)

- Multiple heap overflow vulnerabilities in RealMedia. (CVE-2010-4382)

- A heap overflow vulnerability in RA5. (CVE-2010-4383)

- An integer overflow in SIPR stream frame dimensions. (CVE-2010-4385)

- RealMedia Memory heap corruption. (CVE-2010-4386)

- A memory corruption vulnerability in the RealAudio codec. (CVE-2010-4387)

- A cross-zone scripting vulnerability in the ActiveX HandleAction Method. (CVE-2010-4396)

- A cross domain scripting vulnerability is exploitable via local HTML files. (CVE-2010-4388)

- A heap overflow vulnerability exists in the Cook codec initialization buffer index.(CVE-2010-4389)

- A heap overflow vulnerability exists in the IVR file header. (CVE-2010-4390)

- A heap overflow vulnerability exists in the RMX header. (CVE-2010-4391)

- A heap overflow vulnerability exists in ImageMap. (CVE-2010-4392)

- A heap overflow vulnerability exists in RealPix server header. (CVE-2010-4394)

- A heap overflow exists in the Advanced audio coding. (CVE-2010-4395)

Solution

Upgrade to RealPlayer 14.0.1.609 (Build 12.0.1.609) or later.

See Also

http://service.real.com/realplayer/security/12102010_player/en

http://www.zerodayinitiative.com/advisories/ZDI-10-266

http://www.zerodayinitiative.com/advisories/ZDI-10-267

http://www.zerodayinitiative.com/advisories/ZDI-10-268

http://www.zerodayinitiative.com/advisories/ZDI-10-269

http://www.zerodayinitiative.com/advisories/ZDI-10-270

http://www.zerodayinitiative.com/advisories/ZDI-10-271

http://www.zerodayinitiative.com/advisories/ZDI-10-272

http://www.zerodayinitiative.com/advisories/ZDI-10-273

http://www.zerodayinitiative.com/advisories/ZDI-10-274

http://www.zerodayinitiative.com/advisories/ZDI-10-275

http://www.zerodayinitiative.com/advisories/ZDI-10-276

http://www.zerodayinitiative.com/advisories/ZDI-10-277

http://www.zerodayinitiative.com/advisories/ZDI-10-278

http://www.zerodayinitiative.com/advisories/ZDI-10-279

http://www.zerodayinitiative.com/advisories/ZDI-10-280

http://www.zerodayinitiative.com/advisories/ZDI-10-281

http://www.zerodayinitiative.com/advisories/ZDI-10-282

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=883

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=884

Plugin Details

Severity: Medium

ID: 5709

File Name: 5709.prm

Family: Web Clients

Published: 2010/11/15

Modified: 2016/01/19

Dependencies: 1735, 8314

Nessus ID: 50612

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:realnetworks:realplayer

Patch Publication Date: 2010/10/28

Vulnerability Publication Date: 2010/11/15

Reference Information

CVE: CVE-2010-0121, CVE-2010-0125, CVE-2010-2579, CVE-2010-2997, CVE-2010-2999, CVE-2010-4375, CVE-2010-4376, CVE-2010-4377, CVE-2010-4378, CVE-2010-4379, CVE-2010-4380, CVE-2010-4381, CVE-2010-4382, CVE-2010-4383, CVE-2010-4384, CVE-2010-4385, CVE-2010-4386, CVE-2010-4387, CVE-2010-4388, CVE-2010-4390, CVE-2010-4391, CVE-2010-4392, CVE-2010-4394, CVE-2010-4395, CVE-2010-4396, CVE-2010-4397

BID: 44847, 45327, 45406, 45407, 45409, 45410, 45411, 45412, 45414, 45444, 45445, 45448, 45449, 45451, 45452, 45453, 45455, 45458, 45459, 45463, 45464, 45465