RealNetworks RealPlayer URL Parsing Stack Buffer Overflow (CVE-2012-5691)
| Check Point Reference: | CPAI-2013-012 | |
| Date Published: | ||
| Severity: | ||
| Source: | RealNetworks Advisory 56956 | |
| Industry Reference(s): | CVE-2012-5691 |
|
| Protection Provided by: |
Security Gateway
|
|
|
Who is Vulnerable? RealNetworks RealPlayer 15.0.6.14 and prior |
||
| Vulnerability Description A stack buffer overflow vulnerability exists in RealNetworks RealPlayer. Successful exploitation can result in arbitrary code execution in the context of the currently logged in user. |
||
|
Vulnerability Details The vulnerability is due to insufficient sanitation of the URLs while parsing RealMedia files. The attacker creates a malicious Microsoft .url file that has an extension associated with RealPlayer, such as .ram or .ra and delivers it to the target user. The malicious Real Audio Metadata file contains an overly long URL. The vulnerability is triggered when the malicious file is processed by the affected application. |
Protection Overview
The protection will detect and block the transfer of malicious files attempting to trigger this vulnerability.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.