Test Kennung:	1.3.6.1.4.1.25623.1.0.804178
Kategorie:	General
Titel:	RealNetworks RealPlayer Buffer Overflow Vulnerability Dec13 (Windows)
Zusammenfassung:	The host is installed with RealPlayer and is prone to buffer overflow;vulnerability.
Beschreibung:	Summary: The host is installed with RealPlayer and is prone to buffer overflow vulnerability. Vulnerability Insight: Flaw is due to: - An error in handling the 'version' and 'encoding' attributes in RMP files. - Improper validation of user input when handling the 'trackid' attribute in RMP files. Vulnerability Impact: Successful exploitation will allow remote unauthenticated attacker to execute arbitrary code with the privileges of the application. Affected Software/OS: RealPlayer version before 17.0.4.61 on Windows. Solution: Upgrade to RealPlayer version 17.0.4.61 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 64398 BugTraq ID: 64695 Common Vulnerability Exposure (CVE) ID: CVE-2013-6877 http://www.securityfocus.com/bid/64398 Bugtraq: 20131217 CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-12/0104.html http://packetstormsecurity.com/files/124535 http://www.coresecurity.com/advisories/realplayer-heap-based-buffer-overflow-vulnerability Common Vulnerability Exposure (CVE) ID: CVE-2013-7260 http://www.securityfocus.com/bid/64695 CERT/CC vulnerability note: VU#698278 http://www.kb.cert.org/vuls/id/698278 http://www.exploit-db.com/exploits/30468/ XForce ISS Database: realplayer-cve20137260-bo(90160) https://exchange.xforce.ibmcloud.com/vulnerabilities/90160
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.