Release DateDec 22, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against an Integer Underflow vulnerability in RealPlayer.The vulnerability is caused because the vulnerable application fails to adequately validate user-supplied data. A remote attacker can exploit this vulnerability by sending a specially crafted MPEG file. Successful attacks may allow attackers to execute arbitrary code. |
Affected ProductsRealNetworks RealPlayer 14.0.7 and prior |
Recommended ActionsApply patches or fixes from the vendor, available from the website:http://service.real.com/realplayer/security/11182011_player/en/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-4259 |
