General : RealNetworks RealPlayer Multiple Vulnerabilities (Win)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801673

Categoría: General

Título: RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10

Resumen: Check for the version of RealPlayer

Descripción:
Overview: This host is installed with RealPlayer which is prone to multiple
vulnerabilities.

Vulnerability Insight:
The multiple flaws are due to,
- Heap-based buffer overflow error when parsing a large Screen Width value
in the Screen Descriptor header of a GIF87a file in an RTSP stream.
- An integer overflow in the pnen3260.dll module allows remote attackers to
execute arbitrary code via a crafted TIT2 atom in an AAC file.

Impact: Successful exploitation allows remote attackers to execute arbitrary
code or cause a denial of service.

Affected Software/OS:
RealPlayer SP 1.0 to 1.1.1 (12.x)
RealNetworks RealPlayer SP 11.0 to 11.1 on Windows platform.

Fix: Upgrade to RealPlayer 14.0.1.609 (Build 12.0.1.609) or later,
For updates refer to http://www.real.com/player

References:
http://secunia.com/advisories/38550/
http://service.real.com/realplayer/security/12102010_player/en/

Referencia Cruzada: BugTraq ID: 45411
Common Vulnerability Exposure (CVE) ID: CVE-2010-4376
http://www.zerodayinitiative.com/advisories/ZDI-10-271
http://www.securityfocus.com/bid/45411
http://www.securitytracker.com/id?1024861
Common Vulnerability Exposure (CVE) ID: CVE-2010-4397
http://www.zerodayinitiative.com/advisories/ZDI-10-269
http://osvdb.org/69856

Copyright Copyright (c) 2010 Greenbone Networks GmbH

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801673
Categoría:	General
Título:	RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10
Resumen:	Check for the version of RealPlayer
Descripción:	Overview: This host is installed with RealPlayer which is prone to multiple vulnerabilities. Vulnerability Insight: The multiple flaws are due to, - Heap-based buffer overflow error when parsing a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream. - An integer overflow in the pnen3260.dll module allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file. Impact: Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. Affected Software/OS: RealPlayer SP 1.0 to 1.1.1 (12.x) RealNetworks RealPlayer SP 11.0 to 11.1 on Windows platform. Fix: Upgrade to RealPlayer 14.0.1.609 (Build 12.0.1.609) or later, For updates refer to http://www.real.com/player References: http://secunia.com/advisories/38550/ http://service.real.com/realplayer/security/12102010_player/en/
Referencia Cruzada:	BugTraq ID: 45411 Common Vulnerability Exposure (CVE) ID: CVE-2010-4376 http://www.zerodayinitiative.com/advisories/ZDI-10-271 http://www.securityfocus.com/bid/45411 http://www.securitytracker.com/id?1024861 Common Vulnerability Exposure (CVE) ID: CVE-2010-4397 http://www.zerodayinitiative.com/advisories/ZDI-10-269 http://osvdb.org/69856
Copyright	Copyright (c) 2010 Greenbone Networks GmbH