Short Name |
HTTP:STC:ACTIVEX:REAL-PLAYER |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
RealNetworks RealPlayer Unsafe ActiveX Control |
Release Date |
2008/03/12 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in RealNetworks' RealPlayer ActiveX control (rmoc3260.dll). An attacker can create a malicious Web site containing Web pages with dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
RealNetworks RealPlayer 'rmoc3260.dll' ActiveX control is prone to a memory-corruption vulnerability. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the application.