This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a buffer overflow weakness in the RealPlayer SMIL parsing engine.
Real Networks RealPlayer and RealOne Player are media players that are available for various operating systems, including Microsoft Windows, Linux, and Mac OS.
Real Networks RealPlayer and RealOne Player are reported prone to a remote stack based buffer overflow vulnerability. The issue exists due to a lack of boundary checks performed by the application when parsing Synchronized Multimedia Integration Language (SMIL) files. A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access.
RealPlayer and RealOne Player both support the SMIL file format. A remote buffer overflow vulnerability exists in the 'CSmil1Parser::testAttributeFailed()' function of the 'smlparse.cpp' file. It is reported that an attacker can trigger this condition by supplying an excessive value for the 'system-screen-size' attribute in a malformed SMIL file. Specifically, a 'system-screen-size' value larger than 256 bytes can successfully overflow a finite sized buffer due to a strcpy() operation.
A remote attacker may exploit this vulnerability to execute arbitrary instructions in the context of a user that processes a malformed file through the affected application.
This vulnerability is reported to exist in Real Networks products for Microsoft Windows, Linux, and Apple Mac platforms.
- Real Networks Helix Player for Linux 1.0
- Real Networks RealOne Player 1.0, 188.8.131.528, 184.108.40.2060, 220.127.116.110, 18.104.22.1681, 22.214.171.1243, 126.96.36.1998, 188.8.131.522
- Real Networks RealOne Player for OSX 9.0.288, 9.0.297
- Real Networks RealPlayer 8.0 Win32, 10.0, 10.5 v184.108.40.2060, 10.5 v220.127.116.113, 10.5 v18.104.22.1686
- Real Networks RealPlayer 10 for Linux
- Real Networks RealPlayer 10 for Mac OS
- Real Networks RealPlayer Enterprise 1.1, 1.2, 1.5, 1.6
- Real Networks RealPlayer For Unix 10.0.3
- RedHat Fedora Core3