Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20223
HistoryJul 25, 2008 - 12:00 a.m.

Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow

2008-07-2500:00:00
vulners.com
4
JSON

======================================================================

                 Secunia Research 25/07/2008
  • RealNetworks RealPlayer SWF Frame Handling Buffer Overflow -

======================================================================
Table of Contents

Affected Software…1
Severity…2
Vendor's Description of Software…3
Description of Vulnerability…4
Solution…5
Time Table…6
Credits…7
References…8
About Secunia…9
Verification…10

======================================================================
1) Affected Software

RealNetworks RealPlayer Version 10.5 Build 6.0.12.1483

NOTE: Other versions may also be affected.

======================================================================
2) Severity

Rating: Highly critical
Impact: System access
Where: From remote

======================================================================
3) Vendor's Description of Software

"Download Web video instantly".

Product Link:
http://www.real.com/player

======================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in RealPlayer, which
can potentially be exploited by malicious people to compromise a
user's system.

The vulnerability is caused due to a design error within the handling
of frames in Shockwave Flash (SWF) files and can be exploited to cause
a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code.

======================================================================
5) Solution

The vulnerability is fixed in an upcoming release.

======================================================================
6) Time Table

16/11/2007 - Vendor notified.
22/11/2007 - Vendor notified again.
26/11/2007 - Vendor response and request PoC.
29/11/2007 - Sent PoC to vendor.
03/01/2008 - Confirmation that vendor able to reproduce vulnerability.
27/05/2008 - Requested update from vendor.
07/07/2008 - Vendor confirms update is pending.
23/07/2008 - Vendor confirms disclosure date.
25/07/2008 - Public disclosure.

======================================================================
7) Credits

Discovered by Dyon Balding, Secunia Research.

======================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2007-5400 for the vulnerability.

======================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://corporate.secunia.com/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.

http://secunia.com/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:

http://corporate.secunia.com/secunia_research/33/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/secunia_vacancies/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/secunia_security_advisories/

======================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2007-93/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================

Related

nessus 8
prion 1
openvas 6
gentoo 2
redhat 1
cert 1
seebug 1
checkpoint_advisories 2
cve 1
nessus
nessus
openSUSE Security Update : RealPlayer (RealPlayer-906)
2009-07-21 00:00:00
openSUSE 10 Security Update : RealPlayer (RealPlayer-6265)
2009-05-26 00:00:00
SuSE 10 Security Update : RealPlayer (ZYPP Patch Number 6266)
2011-01-27 00:00:00
prion
prion
Heap overflow
2008-07-28 17:41:00
openvas
openvas
Gentoo Security Advisory GLSA 200809-03 (realplayer)
2008-09-24 00:00:00
RealPlayer SWF Frame Handling Buffer Overflow Vulnerability (Windows)
2008-08-22 00:00:00
RealPlayer SWF Frame Handling Buffer Overflow Vulnerability (Windows)
2008-08-22 00:00:00
gentoo
gentoo
Win32 Codecs: User-assisted execution of arbitrary code
2013-12-16 00:00:00
RealPlayer: Buffer overflow
2008-09-04 00:00:00
redhat
redhat
(RHSA-2008:0812) Critical: RealPlayer security update
2008-07-31 00:00:00
cert
cert
RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerability
2008-07-28 00:00:00
seebug
seebug
RealNetworks RealPlayer SWF文件处理堆溢出漏洞
2008-07-28 00:00:00
checkpoint_advisories
checkpoint_advisories
RealNetworks RealPlayer SWF Frame Handling Buffer Overflow (CVE-2007-5400)
2010-07-13 00:00:00
RealNetworks RealPlayer SWF Frame Handling Buffer Overflow - ver 2 (CVE-2007-5400)
2014-04-09 00:00:00
cve
cve
CVE-2007-5400
2008-07-28 17:41:00
JSON
Related for SECURITYVULNS:DOC:20223
nessus8prion1openvas6gentoo2redhat1cert1seebug1checkpoint_advisories2cve1