Signature Detail

HTTP: RealPlayer RealAudio File Overflow

This signature detects attempts to exploit a known vulnerability in RealNetworks RealPlayer and RealOne Player. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

RealNetworks RealPlayer is prone to multiple memory-corruption vulnerabilities that arise when the application processes specially crafted files. Successfully exploiting these issues will allow remote attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will cause a denial-of-service condition.

Affected Products

• Real Networks Helix Player for Linux 10.0.0.8
• Real Networks Helix Player for Linux 10.0.5
• Real Networks Helix Player for Linux 10.0.6
• Real Networks Helix Player for Linux 10.0.7
• Real Networks RealOne Player 1.0.0
• Real Networks RealOne Player 2.0.0
• Real Networks RealOne Player for Mac
• Real Networks RealPlayer 10.0.0
• Real Networks RealPlayer 10.5.0
• Real Networks RealPlayer 10 for Linux 10.0.5
• Real Networks RealPlayer 10 for Linux 10.0.6
• Real Networks RealPlayer 10 for Linux 10.0.7
• Real Networks RealPlayer 10 for Linux 10.0.8
• Real Networks RealPlayer 10 for Mac OS 10.0.0 .0.331
• Real Networks RealPlayer 10 for Mac OS 10.0.0.305
• Real Networks RealPlayer 10 for Mac OS 10.0.0.325
• Real Networks RealPlayer 10 for Mac OS 10.0.0.352
• Real Networks RealPlayer 10 for Mac OS 10.0.0.396
• Real Networks RealPlayer 10 for Mac OS 10.0.0.412
• Real Networks RealPlayer 10 for Mac OS 10.0.0.481
• Real Networks RealPlayer 8
• Real Networks RealPlayer Enterprise

References

• BugTraq: 26214
• CVE: CVE-2007-2264
• URL: http://securitytracker.com/id?1018866