Signature Detail

APP: RealPlayer Local File Security Bypass

This signature detects attempts to exploit a known vulnerability in the RealMedia RealPlayer program. An attacker can send a malicious .rm file to a user, which upon opening, could run other programs previously placed there by the attacker. The programs are run without user intervention. This attack requires the actual attack code to be placed on the target host's hard drive through some other means.

Extended Description

Successful exploitation of this vulnerability could allow an attacker to execute malicious code on a remote machine by bypassing system security features.

References

• CVE: CVE-2005-2055
• URL: http://service.real.com/help/faq/security/050623_player/EN/