Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:REAL:REAL-MPG-WIDTH

Severity

 High

Recommended

 Yes

Recommended Action

 Drop

Category

 APP

Keywords

 RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption

Release Date

 2012/01/05

Update Number

 2059

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption


This signature detects attempts to exploit a known flaw in RealNetworks RealPlayer. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted MPEG file. Successful exploitation can lead to the injection and execution of arbitrary code in the context of the currently logged in user.

Extended Description

Real Networks RealPlayer is prone to multiple security vulnerabilities. Real Networks released an advisory regarding 19 security vulnerabilities in RealPlayer. Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected application. Other attacks may also be possible. The following versions are affected: RealPlayer 11.0 to 11.1 RealPlayer SP 1.0 to 1.1.5 RealPlayer 14.0.0 to 14.0.7 Mac RealPlayer 12.0.0.1701

Affected Products

  • Real Networks Mac RealPlayer 12.0.0.1701
  • Real Networks RealPlayer 11
  • Real Networks RealPlayer 11.0.1
  • Real Networks RealPlayer 11.0.2
  • Real Networks RealPlayer 11.0.2.1744
  • Real Networks RealPlayer 11.0.2.2315
  • Real Networks RealPlayer 11.0.3
  • Real Networks RealPlayer 11.0.4
  • Real Networks RealPlayer 11.0.5
  • Real Networks RealPlayer 11.1
  • Real Networks RealPlayer 11 Beta
  • Real Networks RealPlayer 11 Build 6.0.14.748
  • Real Networks RealPlayer 14.0.0
  • Real Networks RealPlayer 14.0.1
  • Real Networks RealPlayer 14.0.1.609
  • Real Networks RealPlayer 14.0.1.633
  • Real Networks RealPlayer 14.0.2
  • Real Networks RealPlayer 14.0.2.633
  • Real Networks RealPlayer 14.0.3
  • Real Networks RealPlayer 14.0.5
  • Real Networks RealPlayer 14.0.6
  • Real Networks RealPlayer 14.0.7
  • Real Networks RealPlayer 11 Beta 6.0.14.550
  • Real Networks RealPlayer Enterprise 1.1.0
  • Real Networks RealPlayer Enterprise 1.2.0
  • Real Networks RealPlayer Enterprise 1.5.0
  • Real Networks RealPlayer Enterprise 1.6.0
  • Real Networks RealPlayer Enterprise 1.7.0
  • Real Networks RealPlayer Enterprise 2.0
  • Real Networks RealPlayer Enterprise 2.1.2
  • Real Networks RealPlayer Enterprise 2.1.3
  • Real Networks RealPlayer Enterprise 2.1.4
  • Real Networks RealPlayer Enterprise 2.1.5
  • Real Networks RealPlayer Enterprise 2.1.6
  • Real Networks RealPlayer Enterprise
  • Real Networks RealPlayer SP 1.0.0
  • Real Networks RealPlayer SP 1.0.1
  • Real Networks RealPlayer SP 1.0.2
  • Real Networks RealPlayer SP 1.0.5
  • Real Networks RealPlayer SP 1.1
  • Real Networks RealPlayer SP 1.1.1
  • Real Networks RealPlayer SP 1.1.2
  • Real Networks RealPlayer SP 1.1.3
  • Real Networks RealPlayer SP 1.1.4
  • Real Networks RealPlayer SP 1.1.5
  • Real Networks RealPlayer SP

References

  • BugTraq: 50741
  • CVE: CVE-2011-4259

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out