CERT-In Advisory CIAD-2008-38
Multiple Security Vulnerabilities RealNetworks RealPlayer
Original issue date:
July 31, 2008
Severity Rating: High
Systems Affected
- RealNetworks RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802)
- RealNetworks RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741
- RealNetworks RealPlayer 10
- RealNetworks RealPlayer Enterprise
- RealNetworks Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503)
- RealNetworks Mac RealPlayer 10 (10.0.0.305 - 352)
- RealNetworks Linux RealPlayer 10
Overview
Multiple Security vulnerabilities have been identified in RealNetworks RealPlayer, which could be exploited by remote attackers to take complete control of an affected system or to cause Denial of Service.
Description
1. rmoc3260.dll ActiveX control Memory Corruption vulnerability (CVE-2008-1309, CIVN-2008-30)
This vulnerability is described in CERT-In Vulnerability Note CIVN-2008-30.
rmoc3260.dll version 6.0.10.45 is also affected by this vulnerability. Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503), Mac RealPlayer 10 (10.0.0.305 - 352) and Linux RealPlayer 10 are not affected by this vulnerability.
2. RealPlayer Local resource reference vulnerability
(CVE-2008-3064)
A local resource reference vulnerability exists in the RealPlayer which could be exploited by the attackers to reference the local resources.
RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802, Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503), Mac RealPlayer 10 (10.0.0.305 - 352) and Linux RealPlayer 10 are not affected by this vulnerability.
3. RealPlayer SWF file heap-based buffer overflow vulnerability (CVE-2007-5400)
Heap-based buffer overflow vulnerability exists in the RealPlayer when handling the frames in Shockwave Flash (SWF) files, which can potentially be exploited by the remote attackers to compromise a user's system. Successful exploitation of this issue could allow execution of arbitrary code.
RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802) is not affected by this vulnerability.
4. RealPlayer ActiveX “rjbdll.dll” import method buffer overflow Vulnerability (CVE-2008-3066)
This vulnerability is caused due to a stack-based overflow error in the "rjbdll.dll" module when handling the deletion of media library files, which could be exploited by attackers to execute arbitrary code. This vulnerability can be exploited by importing a media library file using the ActiveX control and then deleting the imported file.
RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802), Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503), Mac RealPlayer 10 (10.0.0.305 - 352) and Linux RealPlayer 10 are not affected by this vulnerability.
Solution
Apply appropriate updates as mentioned by the vendor in Real Security Updates. http://service.real.com/realplayer/security/07252008 _ player/en/
Vendor Information
RealNetworks, Inc.
http://service.real.com/realplayer/security/07252008_player/en/
References
Secunia
http://secunia.com/advisories/27620/
http://secunia.com/advisories/29315/
http://secunia.com/secunia_research/2007-93/advisory/
SecurityFocus
http://www.securityfocus.com/bid/28157
http://www.securityfocus.com/bid/30370
http://www.securityfocus.com/bid/30379
SecurityTracker
http://securitytracker.com/alerts/2008/Mar/1019576.html
http://securitytracker.com/alerts/2008/Jul/1020565.html
http://securitytracker.com/alerts/2008/Jul/1020562.html
http://securitytracker.com/alerts/2008/Jul/1020564.html
SecurityLab
http://en.securitylab.ru/nvd/348495.php
X-Force
http://xforce.iss.net/xforce/xfdb/41087
Zero Day
http://www.zerodayinitiative.com/advisories/ZDI-08-047/
http://www.zerodayinitiative.com/advisories/ZDI-08-046/
CVE Name
CVE-2008-1309
CVE-2008-3064
CVE-2007-5400
CVE-2008-3066
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
