NGSSoftware Insight Security Research Advisory #NISR17042004 - By crafting malformed .R3T file it is possible to cause a stack based overruns in RealPlayer / RealOne Player. By forcing a browser to a website containing such a file, code could be executed on the target machine running in the context of the logged on user, alternatively the end user would be required to open the .R3T file as a mail attachment. Systems Affected: RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, stand-alone and as configured by the RealPlayer Enterprise Manager).
6d743136e2278e3913a2b15ed69ed2788f1f4b991aaed8aef0dce1951f4208cf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed