search menu icon-carat-right cmu-wordmark

CERT Coordination Center

RealPlayer version 16.0.3.51 contains a buffer overflow vulnerability

Vulnerability Note VU#698278

Original Release Date: 2013-12-30 | Last Revised: 2014-01-10

Overview

RealPlayer version 16.0.3.51 and possibly earlier versions contain a stack-based buffer overflow vulnerability (CWE-121).

Description

CWE-121: Stack-based Buffer Overflow

RealPlayer version 16.0.3.51 and possibly earlier versions contain a stack-based buffer overflow vulnerability. The .RMP file format is similar to standard XML encoding. An attacker can place malicious code in the value of the version or the encoding attributes inside the XML declaration to craft a malicious .RMP file. Once the file is opened by the victim, the program may crash or allow execution of code.

Impact

A remote unauthenticated attacker may be able to trick a user into opening a malicious .RMP file which may cause a denial-of-service condition or lead to arbitrary code execution.

Solution

Apply an Update

RealNetworks has advised users to apply the latest patch to remove .RMP file support to address this vulnerability.

Vendor Information

698278
 
Affected   Unknown   Unaffected

RealNetworks, Inc.

Notified:  October 16, 2013 Updated:  December 30, 2013

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

A patch is available at the link below.

Vendor References

CVE Request

Notified:  January 10, 2014 Updated:  January 10, 2014

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References


    CVSS Metrics

    Group Score Vector
    Base 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P
    Temporal 5.3 E:POC/RL:OF/RC:C
    Environmental 1.3 CDP:ND/TD:L/CR:ND/IR:ND/AR:ND

    References

    Acknowledgements

    Thanks to Gabor Seljan for reporting this vulnerability.

    This document was written by Adam Rauf.

    Other Information

    CVE IDs: CVE-2013-7260
    Date Public: 2013-12-20
    Date First Published: 2013-12-30
    Date Last Updated: 2014-01-10 18:11 UTC
    Document Revision: 30

    Sponsored by CISA.