Short Name |
APP:REAL:PLAYER-FILE-SEC-BYPASS |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
APP |
Keywords |
RealPlayer Local File Security Bypass |
Release Date |
2005/03/08 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the RealMedia RealPlayer program. An attacker can send a malicious .rm file to a user, which upon opening, could run other programs previously placed there by the attacker. The programs are run without user intervention. This attack requires the actual attack code to be placed on the target host's hard drive through some other means.
Successful exploitation of this vulnerability could allow an attacker to execute malicious code on a remote machine by bypassing system security features.