Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

RealPlayer for Windows < / Multiple Vulnerabilities



The remote Windows application is affected by at least one security vulnerability.


According to its version number, the installed version of RealPlayer / RealPlayer Enterprise on the remote Windows host suffers from possibly several issues :

- Heap memory corruption issues in several ActiveX controls can lead to arbitrary code execution (CVE-2008-1309). - An unspecified local resource reference vulnerability (CVE-2008-3064). - An SWF file heap-based buffer overflow (CVE-2007-5400). - A buffer overflow involving the 'import()' method in an ActiveX control implemented by the 'rjbdll.dll' module could result in arbitrary code execution (CVE-2008-3066).

Note that RealPlayer 11 (builds - are only affected by the first issue (CVE-2008-1309). Note that the vendor's advisory states that version numbers for RealPlayer 10.5 are not sequential.


Upgrade to RealPlayer 11.0.3 (build / RealPlayer 10.5 (build or higher.