1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Real Networks RealPlayer CVE-2012-5961

Attack: Real Networks RealPlayer CVE-2012-5961

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a vulnerability in RealPlayer which could result into remote code execution.

Additional Information

Real Networks RealPlayer is an application that allows users to play various media formats.

Real Networks RealPlayer is prone to the following security vulnerabilities:

1. A buffer-overflow vulnerability occurs due to an error when parsing specially crafted 'RealMedia' files. (CVE-2012-5691)

2. A remote memory-corruption vulnerability occurs due to an invalid pointer dereference error when parsing a specially crafted 'RealAudio' files. (CVE-2012-5690)

Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected application. Failed attacks may cause denial-of-service conditions.

RealPlayer 15.0.6.14 and prior versions are vulnerable.

Affected

  • RealPlayer 15.0.6.14 and prior versions are vulnerable.

Response

Vendor updates are available. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube