Vulnerability Note VU#143627

RealSystem Server contains buffer overflow

Original Release date: 01 May 2003 | Last revised: 01 May 2003

Overview

A buffer overflow vulnerability exists in the RealSystem Server. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available.

Description

RealSystem Server is a streaming media server. A buffer overflow vulnerability in RealSystem Server may allow a remote attacker to execute arbitrary code on a vulnerable host. For more information, please see RealSystem Server and Proxy Buffer Overflow Vulnerability.

Impact

A remote attacker may be able to execute arbitrary code with the privileges of the RealSystem Server process.

Solution

Update your software.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
RealNetworksAffected-01 May 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was discovered by Tim Austwick of the QinetiQ Security Health Check Team.

This document was written by Ian A Finlay.

Other Information

  • CVE IDs: Unknown
  • Date Public: 19 Feb 2003
  • Date First Published: 01 May 2003
  • Date Last Updated: 01 May 2003
  • Severity Metric: 25.31
  • Document Revision: 5

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.