|
RealPlayer,
developed by RealNetworks Inc., is an application for playing
various media formats. When RealPlayer process the Synchronized
Multimedia Integration Language (smil) file format, stack-based
buffer overflow would happen and cause the vulnerable host to open a
local TCP port waiting for connections from foreign IP addresses. By
successfully connecting to the newly opened local TCP port, a
malicious attacker can take full control and run arbitrary codes on
a vulnerable computer.
To exploit this vulnerability, an attacker first needs to craft a
malformed. smil file and dupe a user to open it. An attacker could
also place a malformed .smil file on a web server and make links to
the malicious .smil file. By default, when RealPlayer users open .smil
file with Internet Explorer, they will not see any alerts and the
malicious .smil file will be opened without any delay, thus allowing
a more effective way of exploitation.
BroadWeb Security Service Team (BSST) has released the
countermeasure signatures in signature versioin 2.80, which
includes:
# 1051806_ EXPLOIT RealPlayer SMIL File Handling Buffer Overflow
NetKeeper users are urged to upgrade their signature patterns to
version 2.80 or later in order to thwart these attacks.
(BSST, Broadweb Security Service Team) |
