Signature Detail

APP: Realplayer vidplin.dll AVI Header Parsing Code Execution

This signature detects attempts to exploit a known vulnerability against Realplayer vidplin.dll AVI Header. A successful attack can lead to arbitrary code execution.

Extended Description

Real Networks RealPlayer is prone to a buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. This issue affects RealPlayer 11.0 to 11.1, SP 1.0 to 1.1.5, and 14.0.0 to 14.0.1.

Affected Products

• Real Networks RealPlayer 11
• Real Networks RealPlayer 11.0.1
• Real Networks RealPlayer 11.0.2
• Real Networks RealPlayer 11.0.2.1744
• Real Networks RealPlayer 11.0.2.2315
• Real Networks RealPlayer 11.0.3
• Real Networks RealPlayer 11.0.4
• Real Networks RealPlayer 11.0.5
• Real Networks RealPlayer 11.1
• Real Networks RealPlayer 14.0.0
• Real Networks RealPlayer 14.0.1
• Real Networks RealPlayer SP 1.0.0
• Real Networks RealPlayer SP 1.0.1
• Real Networks RealPlayer SP 1.0.2
• Real Networks RealPlayer SP 1.0.5
• Real Networks RealPlayer SP 1.1
• Real Networks RealPlayer SP 1.1.1
• Real Networks RealPlayer SP 1.1.2
• Real Networks RealPlayer SP 1.1.3
• Real Networks RealPlayer SP 1.1.4
• Real Networks RealPlayer SP 1.1.5

References

• BugTraq: 46047
• CVE: CVE-2010-4393