RealNetworks.RealPlayer.rmoc3260.ActiveX.Code.Execution

Description

RealPlayer is a cross-platform media player by RealNetworks that plays a number of multimedia formats including MP3, MPEG-4, QuickTime, Windows Media, and multiple versions of proprietary RealAudio and RealVideo formats.
RealNetworks is updating the RealPlayer 11 build (11.0.3) announced on July 25th to include components for localized versions of the release that were not included in the original update. The new build, known as RealPlayer 11.0.3a, should be installed for any non-U.S. English versions of RealPlayer 11.
The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory.
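
A triage sketch for the version bounds in the description above, as an added example that is not part of the original advisory or any vendor tooling: it classifies inventory records by player build. The host names, sample builds and the (host, product, build) record layout are constructed assumptions; only the two fixed builds come from the text.

```python
import re

# Fixed builds quoted in the description, keyed by build family.
FIXED_BUILDS = {
    (6, 0, 12): 1675,  # RealPlayer 10.5, fixed in build 6.0.12.1675
    (6, 0, 14): 806,   # RealPlayer 11, fixed in 11.0.3 build 6.0.14.806
}
# Listed as affected with no fixed build given in the description.
NO_FIXED_BUILD = {"realplayer enterprise", "realplayer 10"}

BUILD_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def classify(product, build):
    """Return 'affected', 'fixed' or 'unknown' for one installed player."""
    if " ".join(product.lower().split()) in NO_FIXED_BUILD:
        return "affected"
    m = BUILD_RE.fullmatch(build.strip())
    if not m:
        return "unknown"  # unparseable build string: needs manual review
    *family, number = (int(p) for p in m.groups())
    fixed = FIXED_BUILDS.get(tuple(family))
    if fixed is None:
        return "unknown"  # build family the description does not cover
    return "affected" if number < fixed else "fixed"


def triage(inventory):
    """Group host names by classification."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for host, product, build in inventory:
        result[classify(product, build)].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and builds).
SAMPLE = [
    ("ws-01", "RealPlayer 11", "6.0.14.738"),
    ("ws-02", "RealPlayer 11", "6.0.14.806"),
    ("ws-03", "RealPlayer 10.5", "6.0.12.1483"),
    ("ws-04", "RealPlayer 10.5", "6.0.12.1675"),
    ("ws-05", "RealPlayer Enterprise", "6.0.11.872"),
    ("ws-06", "RealPlayer 11", "11.0.3"),
    ("ws-07", "RealPlayer 8", "6.0.9.584"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(status, hosts)
```

Records that come back as "unknown" carry a marketing version or a build family the description does not mention, so they need a manual check rather than being assumed safe.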

Affected Products

RealNetworks rmoc3260.dll 6.0.10 45
RealNetworks RealPlayer 11

Impact

A remote attacker can execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory.

Recommended Actions

As detailed in http://service.real.com/realplayer/security/07252008_player/en/, RealPlayer 11.0.3 includes all of the security bug fixes. Instructions are listed below:
* Windows Players:
If you are on Windows XP or Vista, please download RealPlayer 11 from: http://www.real.com/realcom/player/security/
If you are on Windows 2000, Windows ME or Windows 98SE, you may get the security updates in the most recent version of RealPlayer 10.5 by following the instructions below.
RealOne Player (English only), RealOne Player V2, RealPlayer 10 and RealPlayer 10.5 customers require a full download to correct this issue. Please use the following steps to upgrade your Player:
1. In the Tools menu select Check for Update.
2. Select the box next to the "RealPlayer 10.5 with Harmony Technology" component.
3. Click Install to download and install the update.
RealPlayer 8 (version 6.0.9.584) customers please use the following steps to upgrade your Player:
1. Go to the Help menu.
2. Select Check for Update.
3. Select the box next to the "RealPlayer 10.5 with Harmony Technology" component.
4. Click Install to download and install the update.
* RealPlayer for Mac OS X:
RealPlayer 10 for Mac OS X customers need to get the latest player to address this security issue. Please click here to upgrade your RealPlayer 11.
* Linux Players:
Please get an updated RealPlayer 11 for Linux from: http://www.real.com/linux
For FortiGate users, turning on these IPS signatures can prevent exploitation of this vulnerability:
RealNetworks.RealPlayer.rmoc3260.ActiveX.Code.Execution

Coverage

IPS (Regular DB)
IPS (Extended DB)