This attack could pose a moderate security threat. It does not require immediate action.
This signature detects attempt to cause a DoS vulnerability by passing long arguments into a vulnerable methods of RealMedia RealPlayer Ierpplug.DLL ActiveX Control.
The RealPlayer ActiveX control is prone to multiple buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.
A remote attacker may exploit these vulnerabilities by presenting a malicious file to a victim and enticing them to open it with the vulnerable application.
Successful attacks can cause denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control. Arbitrary code execution may also be possible, but this has not been confirmed.
- These issues affect RealPlayer 10.5; other versions may also be affected.
Download and install all vendor patches related to this vulnerability