PT-2010-5453 · Realnetworks+1 · Linux Realplayer+4
Published
2010-02-09
·
Updated
2011-01-19
·
CVE-2010-4376
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
RealPlayer versions 11.0 through 11.1
RealPlayer SP versions 1.0 through 1.1.1
Mac RealPlayer versions 11.0 through 11.1
Linux RealPlayer version 11.0.2.1744
Description
The issue allows remote attackers to execute arbitrary code via a large Screen Width value in the
Screen Width variable of the Screen Descriptor header of a GIF87a file in an RTSP stream, specifically through the "/rtsp" API endpoint. This is a result of a heap-based buffer overflow.Recommendations
For RealPlayer versions 11.0 through 11.1, update to a version outside of this range to resolve the issue.
For RealPlayer SP versions 1.0 through 1.1.1, update to a version outside of this range to resolve the issue.
For Mac RealPlayer versions 11.0 through 11.1, update to a version outside of this range to resolve the issue.
For Linux RealPlayer version 11.0.2.1744, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to RTSP streams that contain GIF87a files to minimize the risk of exploitation.
Fix
RCE
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Realplayer
Mac Realplayer
Realplayer
Realplayer Sp
Red Hat