Executive Summary
Summary | |
---|---|
Title | RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerability |
Informations | |||
---|---|---|---|
Name | VU#298651 | First vendor Publication | 2008-07-28 |
Vendor | VU-CERT | Last vendor Modification | 2008-07-28 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#298651RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerabilityOverviewRealNetworks RealPlayer fails to properly handle frames within Shockwave Flash (SWF) files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.I. DescriptionThe RealNetworksRealPlayer application provides support for the SWF file format. A buffer overflow exists in the way that the RealPlayer handles specially crafted SWF files. A remote, unauthenticated attacker with the ability to supply a specially crafted SWF file could exploit this vulnerability to execute arbitrary code on an affected system.II. ImpactBy convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.III. SolutionApply an updateThis issue is addressed in RealPlayer 11.0.3. Please see the RealPlayer security update for more details.
References
This issue was reported in the RealPlayer security update for version 11.0.3. RealNetworks credits Dyon Balding of Secunia for reporting this issue. This document was written by Chris Taschner.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/298651 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:22493 | |||
Oval ID: | oval:org.mitre.oval:def:22493 | ||
Title: | ELSA-2008:0812: RealPlayer security update (Critical) | ||
Description: | Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0812-03 CVE-2007-5400 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | RealPlayer |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2009-06-15 | Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200809-03 (realplayer) File : nvt/glsa_200809_03.nasl |
2008-08-22 | Name : RealPlayer SWF Frame Handling Buffer Overflow Vulnerability (Win) File : nvt/secpod_realplayer_swf_bof_vuln_900015.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47138 | RealPlayer SWF File Frame Handling Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | RealNetworks RealPlayer SWF frame handling buffer overflow attempt RuleID : 28641 - Revision : 5 - Type : FILE-FLASH |
2014-01-10 | RealNetworks RealPlayer SWF frame handling buffer overflow attempt RuleID : 28640 - Revision : 5 - Type : FILE-FLASH |
2014-01-10 | RealNetworks RealPlayer SWF frame handling buffer overflow attempt RuleID : 17633 - Revision : 14 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-12-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-11.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_RealPlayer-6266.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0812.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_RealPlayer-090521.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote openSUSE host is missing a security update. File : suse_RealPlayer-6265.nasl - Type : ACT_GATHER_INFO |
2008-09-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-03.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote Windows application is affected by at least one security vulnerabi... File : realplayer_6_0_14_806.nasl - Type : ACT_GATHER_INFO |