Gravedad: Crítico
  Identificadores de CVE : CVE-2010-4393
  Fecha recomendada: 21 de julio de 2015

  Descripción

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.

  Revelación de la información

Apply associated Trend Micro DPI Rules.

  Soluciones

  Trend Micro Deep Security DPI Rule Number: 1004614
  Trend Micro Deep Security DPI Rule Name: 1004614 - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow

  Software y versión afectados

  • realnetworks realplayer 11.0
  • realnetworks realplayer 11.1
  • realnetworks realplayer 14.0.0
  • realnetworks realplayer 14.0.1
  • realnetworks realplayer_sp 1.0.0
  • realnetworks realplayer_sp 1.0.1
  • realnetworks realplayer_sp 1.0.2
  • realnetworks realplayer_sp 1.0.5
  • realnetworks realplayer_sp 1.1
  • realnetworks realplayer_sp 1.1.1
  • realnetworks realplayer_sp 1.1.2
  • realnetworks realplayer_sp 1.1.3
  • realnetworks realplayer_sp 1.1.4
  • realnetworks realplayer_sp 1.1.5