Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2984
Total: 2987









Author Topic: Vulnerabilities Leave RealPlayer Open To Attack  (Read 3706 times)

0 Members and 2 Guests are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Vulnerabilities Leave RealPlayer Open To Attack
« on: 02. February 2010., 07:22:30 »


iDefense is warning users of several critical vulnerabilities in several versions of its online media application, RealPlayer, that could open the door for a remote code execution attack on both Windows and Mac systems, according to iDefense Labs security blog.

Altogether, the vulnerabilities affect RealPlayer, an application for playing online media files, in Windows versions 11.0 through 11.0.4, Windows 10.5, Mac RealPlayer 10, RealPlayer 10.1.0.3830 on Linux.

One of the critical vulnerabilities is a buffer overflow issue within RealPlayer when it handles compressed GIF files. Specifically, the error occurs in the CGIFCodec::InitDecompress() function and could lead to heap corruption, which can pave the way for attackers to execute malicious code remotely.

If exploited, an attacker could launch malicious code on a user's system by enticing a victim into opening an RTSP (Real Time Streaming Protocol) stream. Once the victim opened the stream, the attack would inject a malformed compressed GIF image into a RTSP stream, launching malicious code onto the user's system.

Additionally, an attacker could also host a malicious Web site and then entice a victim to visit the page, which would immediately download malware onto their systems.

iDefense Labs said that other attack vectors might exist.

Additionally, RealNetworks, which develops RealPlayer application, has released patches addressing two other critical integer overflow vulnerabilities that can lead to remote code execution attacks if left unaddressed.

One of those vulnerabilities includes an integer overflow issue that was detected when the RealPlayer system undergoes a "chunked" transfer encoding method, a process which breaks the file the server is sending into digestible "chunks." The error occurs when the server is processing the "chunks," resulting in a heap overflow vulnerability and opening up a security hole that enables remote attackers to launch malicious code on a user running the application.

Attackers can exploit the flaw by persuading a user to use RealPlayer when opening a specially crafted media file, usually conducted via an infected Web page using the RealPlayer plug-in or by a link embedded in an e-mail directing them to a malicious file. Attackers will then be able to install code allowing them to infiltrate and take complete control of a user's computer.

Meanwhile, a third memory corruption error exists in the CMediumBlockAllocator::Alloc method, that can also open up a security hole enabling malicious attacks.

In a successful attack scenario, a hacker would also have to entice a RealPlayer user to open a specially crafted media file, typically through some social engineering scheme. The user could become infected by opening a contaminated Web site or infected link, embedded in an e-mail, redirecting a user to a malicious site.

iDefense recommends that users who run RealPlayer applications apply the available patches as soon as possible.

(ChannelWeb)

Samker's Computer Forum - SCforum.info

Vulnerabilities Leave RealPlayer Open To Attack
« on: 02. February 2010., 07:22:30 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023