RealPlayer Multiple Memory Corruption and DoS Vulnerabilities

Source: Internet
Author: User

Release date:
Updated on:

Affected Systems:
Real Networks RealPlayer 14.0.2
Real Networks RealPlayer 11
Description:
--------------------------------------------------------------------------------
Bugtraq id: 55473
CVE (CAN) ID: CVE-2012-2407, CVE-2012-2408, CVE-2012-2409, CVE-2012-2410, CVE-2012-3234

RealPlayer is a tool used to listen to and watch real-time audio, video, and Flash on the Internet.

RealPlayer 15.0.3.37 and earlier versions have multiple memory corruption and DoS Vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the affected applications.

1) buffer overflow may occur if an error occurs when the AAC stream data is released.

2) memory corruption can be caused by an error in decoding the aac sdk.

3) when processing RealMedia files, multiple errors can cause buffer overflow.

<* Source: Andrzej Dyjak

Link: http://secunia.com/advisories/50566/
Http://service.real.com/realplayer/security/09072012_player/en/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Real Networks
-------------
Real Networks has released a Security Bulletin (/09072012_player) for this purpose and corresponding patches:

/09072012_player: RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.

Link: http://service.real.com/realplayer/security/09072012_player/en/

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.