Source: SAINT Corporation (ID: SAINT:32AF98CF80A27AB194B608D45186A636)
Published: Mar 31, 2006 - 12:00 a.m.

RealPlayer invalid chunk header heap overflow

2006-03-31 00:00:00
SAINT Corporation
my.saintcorporation.com
CVSS2: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AI Score: 6.5 (Confidence: Low)
EPSS: 0.024 (Percentile: 89.9%)

Added: 03/31/2006
CVE: CVE-2005-2922
BID: 17202
OSVDB: 24062

Background

RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page.

Problem

A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leading to command execution.

Resolution

Use the Check for Update feature to upgrade to the latest version of RealPlayer, RealOne Player, or Helix Player.

References

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=404

Limitations

The exploit works on RealPlayer 10.5 (6.0.12.1348). For the exploit to run, a user must load the exploit page in Internet Explorer.

Platforms

Windows 2000
Windows XP
