{"vuid":"VU#298651","idnumber":"298651","name":"RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerability","keywords":["RealNetworks","RealPlayer","heap-based buffer overflow","design error","Shockwave Flash files","SWF"],"overview":"RealNetworks RealPlayer fails to properly handle frames within Shockwave Flash (SWF) files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.","clean_desc":"The RealNetworks RealPlayer application provides support for the SWF file format. A buffer overflow exists in the way that the RealPlayer handles specially crafted SWF files. A remote, unauthenticated attacker with the ability to supply a specially crafted SWF file could exploit this vulnerability to execute arbitrary code on an affected system.","impact":"By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.","resolution":"Apply an update\nThis issue is addressed in RealPlayer 11.0.3. Please see the RealPlayer security update for more details.","workarounds":"","sysaffected":"","thanks":"This issue was reported in the RealPlayer \nsecurity update\n for version 11.0.3. RealNetworks credits Dyon Balding of Secunia for reporting this issue.","author":"This document was written by Chris Taschner.","public":["http://secunia.com/advisories/27620/","http://secunia.com/secunia_research/2007-93/","http://service.real.com/realplayer/security/07252008_player/en/"],"cveids":["CVE-2007-5400"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2008-07-25T19:16:02Z","publicdate":"2008-07-25T00:00:00Z","datefirstpublished":"2008-07-28T20:06:02Z","dateupdated":"2008-07-28T20:15:47Z","revision":7,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"17","cam_easeofexploitation":"9","cam_attackeraccessrequired":"20","cam_scorecurrent":"11.475","cam_scorecurrentwidelyknown":"14.34375","cam_scorecurrentwidelyknownexploited":"25.81875","ipprotocol":"","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":11.475,"vulnote":null}