Test ID:	1.3.6.1.4.1.25623.1.0.802826
Category:	Denial of Service
Title:	RealNetworks RealPlayer MP4 File Handling Denial of Service Vulnerability - Windows
Summary:	RealPlayer is prone to a denial of service (DoS) vulnerability.
Description:	Summary: RealPlayer is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaws are due to - An error the in 'mp4fformat.dll' in the QuickTime File Format plugin. This can be exploited to cause a crash by sending a crafted MP4 file. - An error within the parsing of RealMedia ASMRuleBook. - An error within the RealJukebox Media parser, which allows to cause a buffer overflow. Vulnerability Impact: Successful exploitation may allow remote attackers to execute arbitrary code, cause buffer overflow or cause the application to crash, creating a denial of service condition. Affected Software/OS: RealPlayer versions before 15.0.4.53 RealPlayer SP versions 1.0 through 1.1.5 on Windows Solution: Upgrade to RealPlayer version 15.0.4.53 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1904 http://packetstormsecurity.org/files/111162/RealPlayer-1.1.4-Memory-Corruption.html http://www.securitytracker.com/id?1027076 http://secunia.com/advisories/49193 Common Vulnerability Exposure (CVE) ID: CVE-2012-2406 http://osvdb.org/81943 XForce ISS Database: realplayer-asmrulebook-code-exec(75647) https://exchange.xforce.ibmcloud.com/vulnerabilities/75647 Common Vulnerability Exposure (CVE) ID: CVE-2012-2411 http://osvdb.org/81944 XForce ISS Database: realplayer-realjukebox-bo(75648) https://exchange.xforce.ibmcloud.com/vulnerabilities/75648
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.