RealPlayer for Windows < 15.0.2.71 Multiple Vulnerabilities
Synopsis :
A multimedia application on the remote Windows host is affected by
multiple vulnerabilities.
Description :
According to its build number, the installed version of RealPlayer on
the remote Windows host is earlier than 15.0.2.71. As such, it is
affected by multiple vulnerabilities :
- Errors exist related to 'rvrender RMFF' flags, 'RV20'
frame size arrays, 'VIDOBJ_START_CODE', 'RV40', 'RV10',
'coded_frame_size' and 'Atrac' sample decoding and can
result in remote, arbitrary code execution.
(CVE-2012-0922, CVE-2012-0923, CVE-2012-0924,
CVE-2012-0925, CVE-2012-0926, CVE-2012-0927,
CVE-2012-0928)
See also :
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://service.real.com/realplayer/security/02062012_player/en/
Solution :
Upgrade to RealPlayer 15.0.2.71 or later.
Risk factor :
High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
original thread: only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/plugins/index.php?view=single&id=57863
