RealNetworks.RealPlayer.Remoc3260.dll.Insecure.Method.Access
Description
This indicates a possible attempt to exploit an illegal resource reference vulnerability in RealNetworks' RealPlayer.
The vulnerability is located in the "rmoc3260.dll" ActiveX control and is caused by the misuse of the "DoGotoURL" method. It may allow remote attackers to access arbitrary resource using the affected ActiveX control.
Affected Products
RealPlayer 10.6 and previous versions
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Please refer to following URL to get the patch on this issue from the vendor:
http://service.real.com/realplayer/security/07252008_player/en/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-09-23 | 16.931 | Sig Added |