{"vuid":"VU#912219","idnumber":"912219","name":"RealSystem Proxy contains buffer overflow","keywords":["RealSystem Proxy","buffer overflow","URL errors"],"overview":"A buffer overflow vulnerability exists in the RealSystem Proxy. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available.","clean_desc":"RealSystem Proxy is a streaming media proxy-cache. RealNetworks describes RealSystem Proxy as follows: RealSystem® Proxy 8 is a dedicated streaming media proxy-cache that enables ISPs and enterprises to manage digital media content entering their networks. A buffer overflow vulnerability exists in the RealSystem Proxy, versions 8.x. For more information, please see RealSystem Server and Proxy Buffer Overflow Vulnerability.","impact":"A remote attacker may be able to execute arbitrary code with the privileges of the RealSystem Proxy process.","resolution":"Update your software.","workarounds":"","sysaffected":"","thanks":"This vulnerability was discovered by Tim Austwick of the QinetiQ Security Health Check Team.","author":"This document was written by Ian A Finlay.","public":["http://216.239.53.100/search?q=cache:QhZ7s6LQbUwC:docs.real.com/docs/rn/rs8/misc/12_01proxy.pdf+RealSystem+Proxy+&hl=en&ie=UTF-8","http://service.real.com/help/faq/security/bufferoverflow.html","http://securitytracker.com/alerts/2002/Feb/1003604.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-02-27T15:31:02Z","publicdate":"2003-02-19T00:00:00Z","datefirstpublished":"2003-05-01T13:20:29Z","dateupdated":"2003-05-01T13:20:32Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"20","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"33.75","cam_scorecurrentwidelyknown":"33.75","cam_scorecurrentwidelyknownexploited":"56.25","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":33.75,"vulnote":null}