Trend Micro Security

Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow Vulnerability

  危険度: : 緊急
  CVE識別番号: CVE-2010-4393

  概要

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004614
  Trend Micro Deep Security DPI Rule Name: 1004614 - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow

  影響を受けるソフトウェア

  • realnetworks realplayer 11.0
  • realnetworks realplayer 11.1
  • realnetworks realplayer 14.0.0
  • realnetworks realplayer 14.0.1
  • realnetworks realplayer_sp 1.0.0
  • realnetworks realplayer_sp 1.0.1
  • realnetworks realplayer_sp 1.0.2
  • realnetworks realplayer_sp 1.0.5
  • realnetworks realplayer_sp 1.1
  • realnetworks realplayer_sp 1.1.1
  • realnetworks realplayer_sp 1.1.2
  • realnetworks realplayer_sp 1.1.3
  • realnetworks realplayer_sp 1.1.4
  • realnetworks realplayer_sp 1.1.5