SecurityTracker.com
Category:   Application (Multimedia)  >   RealOne (RealPlayer)
Vendors:   RealNetworks
RealOne and RealPlayer Buffer Overflow in RealPix Compression Library Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1006393
SecurityTracker URL:  http://securitytracker.com/id/1006393
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Mar 28 2003
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): RealOne Player, RealOne Player v2, RealPlayer 8, RealOne Enterprise Desktop Manager, RealOne Enterprise Desktop
Description:   A buffer overflow vulnerability was reported in the RealOne Player and RealPlayer 8 in a data compression library used to process PNG images. A remote user can cause arbitrary code to be executed.

RealNetworks reported a heap corruption vulnerability on the RealOne Player and RealPlayer 8. A remote user could create a specially crafted Portable Network Graphics (PNG) file that, when loaded by the target user, would cause arbitrary code to be executed on the target user's computer.

According to the report, the flaw resides in the RealPix component of the Player in an out-of-date data compression library.

RealNetworks also announced that some other unspecified vulnerabilities were discovered during an internal review of the RealOne Player source code.

The following player software is affected:

RealOne Player and RealOne Player v2 for Windows (all language versions), RealPlayer 8 for Windows (all language versions), RealPlayer 8 for Mac OS 9, RealOne Player for Mac OS X, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop (all versions).

RealNetworks indicates that the Helix DNA Client is not affected.

RealNetworks credits Carlos Sarraute and Juliano Rizzo of Core Security Technologies with discovering these flaws.

Impact:   A remote user can supply an image file that, when loaded or viewed by the target user's Player, will cause arbitrary code to be executed on the target user's system. The code will execute with the privileges of the target user.
Solution:   Updates are available for Windows RealOne Player (6.0.10.505), RealOne Player version 2 (6.0.11.853), and RealPlayer 8 (version 6.0.9.584); for MacOS 9; and for Apple OS X. Updates for RealOne Desktop Manager and RealOne Enterprise Desktop are to be available in about a week.

The vendor recommends that users of the following versions of the Player upgrade to the newest version and then apply the security update:

* RealOne Player version 2 (versions 6.0.11.818 thru 6.0.11.841)
* RealPlayer 8 (prior to version 6.0.9.584),
* RealPlayer 7, and
* RealPlayer G2

For specific upgrade directions applicable to your version, see the vendor's advisory:

http://www.service.real.com/help/faq/security/securityupdate_march2003.html

Vendor URL:  www.service.real.com/help/faq/security/securityupdate_march2003.html
Cause:   Boundary error
Underlying OS:   MacOS, UNIX (OS X), Windows (Any)

Message History:   None.


 Source Message Contents

Date:  Thu, 27 Mar 2003 22:25:27 -0500
Subject:  RealNetworks Releases Security Update to Address RealOne Player,


http://www.service.real.com/help/faq/security/securityupdate_march2003.html

RealNetworks reported a heap corruption vulnerability on the RealOne Player and RealPlayer 8.  A
remote user could create a specially crafted Portable Network Graphics (PNG) file that, when loaded
by the target user, would cause arbitrary code to be executed on the target user's computer.

According to the report, the flaw resided in the RealPix component of the Player in an out-of-date
data compression library.

RealNetworks announced that some other unspecified vulnerabilities that were discovered during an
internal review of the RealOne Player source code have been fixed in the update (described below).

The following player software is affected:

RealOne Player and RealOne Player v2 for Windows (all language versions), RealPlayer 8 for Windows
(all language versions), RealPlayer 8 for Mac OS 9, RealOne Player for Mac OS X, RealOne Enterprise
Desktop Manager and RealOne Enterprise Desktop (all versions).

RealNetworks indicates that the Helix DNA Client is not affected.

Updates are available for Windows RealOne Player (6.0.10.505), RealOne Player version 2
(6.0.11.853), and RealPlayer 8 (version 6.0.9.584); for MacOS 9; and for Apple OS X.  Updates for
RealOne Desktop Manager and RealOne Enterprise Desktop are to be available in about a week.

The vendor recommends that users of the following versions of the Player upgrade to the newest
version and then apply the security update:

    * RealOne Player version 2 (versions 6.0.11.818 thru 6.0.11.841)
    * RealPlayer 8 (prior to version 6.0.9.584),
    * RealPlayer 7, and
    * RealPlayer G2

For specific upgrade directions applicable to your version, see the vendor's advisory:

http://www.service.real.com/help/faq/security/securityupdate_march2003.html

RealNetworks credits Carlos Sarraute and Juliano Rizzo of Core Security Technologies with
discovering these flaws.


 
 


Copyright 2012, SecurityGlobal.net LLC