Gravità: : Critico
  Identificatori CVE: CVE-2010-4393
  Data notifica: 21 luglio 2015

  Descrizione

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1004614
  Trend Micro Deep Security DPI Rule Name: 1004614 - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow

  Software e versione interessati:

  • realnetworks realplayer 11.0
  • realnetworks realplayer 11.1
  • realnetworks realplayer 14.0.0
  • realnetworks realplayer 14.0.1
  • realnetworks realplayer_sp 1.0.0
  • realnetworks realplayer_sp 1.0.1
  • realnetworks realplayer_sp 1.0.2
  • realnetworks realplayer_sp 1.0.5
  • realnetworks realplayer_sp 1.1
  • realnetworks realplayer_sp 1.1.1
  • realnetworks realplayer_sp 1.1.2
  • realnetworks realplayer_sp 1.1.3
  • realnetworks realplayer_sp 1.1.4
  • realnetworks realplayer_sp 1.1.5