Status Tracking Note TRTA07-297A

RealNetworks RealPlayer ActiveX Playlist Buffer Overflow

Overview

RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist paramater passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
Event Information


Date (UTC)Description
2007-10-25 Trend Micro
TROJ_REAPALL.A
Exploit for CVE-2007-5601
2007-10-24 19:04 US-CERT
TA07-297A: RealNetworks RealPlayer ActiveX Playlist Buffer Overflow
Via US-CERT Mailing List
RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist paramater passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
2007-10-22 17:35 SANS Internet Storm Center
RealPlayer patch for Zero day vulnerability
RealNetworks has issued a fix for a vulnerability.
2007-10-20 18:32 US-CERT
RealNetworks Issues Security Update for RealPlayer Vulnerability
RealNetworks has issued a Security Update to address the previously reported buffer overflow vulnerability in RealPlayer. This vulnerability could allow an attacker to execute arbitrary code on an affected system by enticing a user to view a specially crafted HTML document.
2007-10-20 RealNetworks
October 19, 2007 RealPlayer Update
RealNetworks has issued a fix for a vulnerability identified as a malicious web page which affects the import method of an Active X control to cause a stack overflow in the Realplayer. CVE-2007-5601.
2007-10-19 23:01 SANS Internet Storm Center
Realplayer vulnerability with active exploit
We're getting multiple reports of a fresh vulnerability in RealPlayer. We understand there is some active exploitation of it.
2007-10-19 15:11 McAfee
RealPlayer Zero Day Exploit Hits the Web
Computer Security Research - McAfee Avert Labs Blog
Last night we obtained a sample of a RealPlayer zero day exploit. RealPlayer 11 Beta, 10.5, and older versions are affected.
2007-10-19 14:29 US-CERT
Active Exploitation of a Vulnerability in RealPlayer
US-CERT is aware of active exploitation of a buffer overflow vulnerability in RealPlayer. This vulnerability affects RealPlayer version 9 and later, and may allow an attacker to execute arbitrary code on an affected system.
2007-10-19 07:46 Symantec
RealPlayer Exploit On The Loose
Yesterday we became aware of an in-the-wild exploitation of a previously unknown RealPlayer vulnerability. This unpatched vulnerability affects the latest versions of RealPlayer and RealPlayer 11 BETA distributed on their site. The issue affects an ActiveX object in the RealPlayer component ierpplug.dll.
2007-10-19 07:08 McAfee
Exploit-RealPlay.a
Exploit-RealPlay.a is a generic detection for malicious Javascript code that attempts to exploit an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions.
2007-10-19 IBM Internet Security Systems
RealNetworks RealPlayer unspecified ActiveX buffer overflow
An unspecified RealNetworks RealPlayer ActiveX control is vulnerable to a buffer overflow.
2007-10-19 Symantec
Trojan.Reapall


Date first published (UTC): 2007-10-28T13:58+00:00
Date last updated (UTC): 2007-10-28T13:58+00:00
Valid HTML 4.01!