{"vuid":"VU#473814","idnumber":"473814","name":"Multiple Real media players vulnerable to buffer overflow when parsing crafted media files","keywords":["RealNetworks","RealOne Player","RealPlayer","heap overflow","stack overflow","RP","RT","RAM","RPM","SMIL"],"overview":"Multiple Real media players vulnerable to buffer overflow when parsing certain media files which may permit an attacker to execute arbitrary code on the user's system.","clean_desc":"RealNetworks Real media players are multimedia applications that allow users to view local and remote audio/video content. These players support multiple media types including RealPix (RP), RealText (RT), Real Audio (RAM), RealAudio Plugin (RPM), and synchronized multimedia integration language (SMIL) files. There is a vulnerability in the way Real players validate these media files. This flaw could be used to execute arbitrary code on the user's system by creating a specially crafted media file. According to RealNetworks Security Advisory, this vulnerability affects the following products: RealOne Player\nRealPlayer 8","impact":"An attacker could execute arbitrary code on a user's system.","resolution":"Upgrade\nFor instructions on upgrading, please refer to RealNetworks Security Advisory.","workarounds":"","sysaffected":"","thanks":"Thanks to RealNetworks, Secunia, and NGSSoftware for information contained in their security advisories.","author":"This document was written by Damon Morda.","public":["http://www.service.real.com/help/faq/security/040123_player/EN/","http://www.ngssoftware.com/advisories/realone.txt","http://www.secunia.com/advisories/10796/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-02-05T15:43:34Z","publicdate":"2004-02-05T00:00:00Z","datefirstpublished":"2004-02-06T16:50:01Z","dateupdated":"2004-02-06T17:45:38Z","revision":19,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"15","cam_easeofexploitation":"7","cam_attackeraccessrequired":"15","cam_scorecurrent":"11.07421875","cam_scorecurrentwidelyknown":"13.2890625","cam_scorecurrentwidelyknownexploited":"22.1484375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":11.07421875,"vulnote":null}