SAINT CorporationSAINT:97331F3C2A146F4C487975F87CBE649ERealPlayer RMP File Version Attribute Buffer Overflow
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.2%
Added: 12/27/2013
CVE: CVE-2013-6877
BID: 64398
OSVDB: 101356
Background
RealNetworks RealPlayer includes an embedded player which plays media embedded in a web page.
Problem
RealNetworks Windows RealPlayer 17.0.2.206 and earlier versions are vulnerable to remote code execution due to improper bounds checking of the version attribute inside the XML declaration. By persuading a vulnerable user to open a specially crafted **RMP** file, a remote attacker could cause a stack buffer overflow, allowing execution of arbitrary code on the system.
Resolution
Upgrade to Windows RealPlayer 17.0.4.61 or higher.
References
<http://service.real.com/realplayer/security/12202013_player/en/>
Limitations
Exploit works against RealPlayer 16.0.3.51 and 16.0.2.32 on Windows XP SP2/SP3.
The user must save the **.rmp** file and open it in the vulnerable version of RealPlayer.
Platforms
Windows
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.2%