| Short Name | HTTP:STC:ACTIVEX:REAL-IERPCTL |
|---|---|
| Severity | High |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | RealMedia RealPlayer Ierpplug.DLL ActiveX Control Overflow |
| Release Date | 2011/01/19 |
| Update Number | 1850 |
| Supported Platforms | idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to use unsafe ActiveX controls used by RealMedia RealPlayer. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which, if accessed by a victim, allow the attacker to gain control of the victim's client browser.
Real Networks RealPlayer SP is prone to a remote code-execution vulnerability because it fails to sufficiently validate user-supplied data. Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control. Versions prior to and including RealPlayer SP 1.1 for Windows are vulnerable. NOTE: This issue was previously discussed in BID 44144 (Real Networks RealPlayer SP and RealPlayer Enterprise Multiple Security Vulnerabilities) but has been given its own record to better document it.