Lucene search
Luigi AuriemmaZDI-11-268HistoryAug 16, 2011 - 12:00 a.m.
RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability
2011-08-1600:00:00
Luigi Auriemma
www.zerodayinitiative.com
8
0.075 Low
EPSS
Percentile
94.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles DEFINEFONT fields in Flash Files. When the process parses corrupt a ShapeRecord with the DefineFont record it reads outside a stack buffer and uses a random stack value as a heap pointer. Later this pointer will be used to write data into. The resulting corruption can lead to remote code execution under the context of the current user.
Related
cve
cve
CVE-2011-2948
2011-08-18 23:55:00
nvd
nvd
CVE-2011-2948
2011-08-18 23:55:00
prion
prion
Memory corruption
2011-08-18 23:55:00
cvelist
cvelist
CVE-2011-2948
2011-08-18 23:00:00
openvas
openvas
RealNetworks RealPlayer Multiple Vulnerabilities - Mac OS X
2011-08-31 00:00:00
RealNetworks RealPlayer Multiple Vulnerabilities (Mac OS X)
2011-08-31 00:00:00
RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Aug11
2011-08-31 00:00:00
nessus
nessus
Real Networks RealPlayer < 14.0.6.666 (Build 12.0.1.666) Multiple Vulnerabilities
2012-04-16 00:00:00
RealPlayer for Windows < Build 12.0.1.666 Multiple Vulnerabilities
2011-08-19 00:00:00
securityvulns
securityvulns
RealNetworks Realplayer multiple security vulnerabilities
2011-08-17 00:00:00