RealNetworks.RealPlayer.IVR.File.Processing.Code.Execution

Release Date Feb 10, 2009
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attack attempt to exploit a remote code execution vulnerability in RealNetworks RealPlayer. The vulnerability is caused by an error when the vulnerable software handles a crafted .ivr file. It allows a remote attacker to execute arbitrary code via sending a crafted .ivr file.
Affected Products Realplayer 11.
Recommended Actions Upgrade to non-vulnerable version.
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2009-0375 CVE-2009-0376
Reference/s http://www.securityfocus.com/bid/33652 (BugTraq)

Fortinet