Sign-up

ID

VAR-201001-0746


CVE

CVE-2009-4247


TITLE

Realnetworks RealPlayer In ASM RuleBook Processing vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2010-001053

DESCRIPTION

Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow.". Realnetworks RealPlayer Is ASM RuleBook There is a vulnerability in the processing of.Skillfully crafted by a third party ASM RuleBook Can cause effects related to array overflow. A remote attacker could exploit these issues by crafting a file and enticing an unsuspecting user to open it using a vulnerable application. Successful exploits will allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following are vulnerable: RealPlayer SP 1.0.0 through 1.0.1 RealPlayer 11 11.0.0 through 11.0.5 RealPlayer 10.5 6.0.12.1040 through 6.0.12.163, 6.0.12.1675, 6.0.12.1698, and 6.0.12.1741 RealPlayer 10 and 10.1 Helix Player 11.0.0 through 11.0.2. RealNetworks RealNetworks RealPlayer is a set of media player products developed by RealNetworks in the United States. The product provides features for downloading/converting videos (in web pages), editing videos, managing media files, and more. ---------------------------------------------------------------------- Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/ ---------------------------------------------------------------------- TITLE: RealPlayer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA38218 VERIFY ADVISORY: http://secunia.com/advisories/38218/ DESCRIPTION: Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a vulnerable system. 2) An unspecified error when processing GIF images can be exploited to cause a heap-based buffer overflow. 3) A vulnerability is caused due to an unspecified error related to HTTP chunk encoding. 4) An unspecified error within the RealPlayer SIPR codec can be exploited to cause a heap-based buffer overflow. 5) An unspecified error when processing compressed GIF images can be exploited to cause a heap-based buffer overflow. 6) An unspecified error within the RealPlayer SMIL parsing can be exploited to cause a heap-based buffer overflow. 7) An unspecified error within the RealPlayer skin parsing can be exploited to cause a stack-based buffer overflow. 9) An unspecified boundary error related to RealPlayer RTSP "set_parameter" can be exploited to cause a buffer overflow. 10) Two vulnerabilities are caused due to errors within the processing of Internet Video Recording (IVR) files. Please see the vendor's advisory for details. http://service.real.com/realplayer/security/01192010_player/en/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Evgeny Legerov * anonymous persons working with iDEFENSE Labs * John Rambo and anonymous researchers working with TippingPoint's Zero Day Initiative ORIGINAL ADVISORY: http://service.real.com/realplayer/security/01192010_player/en/ OTHER REFERENCES: SA33810: http://secunia.com/advisories/33810/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For more information: SA38218 SOLUTION: Updated packages are available via Red Hat Network

Trust: 2.16

sources: NVD: CVE-2009-4247 // JVNDB: JVNDB-2010-001053 // BID: 37880 // VULHUB: VHN-41693 // PACKETSTORM: 85439 // PACKETSTORM: 86184

AFFECTED PRODUCTS

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.1

Trust: 1.9

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.0

Trust: 1.6

vendor:realnetworksmodel:helix playerscope:eqversion:10.0

Trust: 1.6

vendor:realnetworksmodel:realplayerscope:eqversion:10.0

Trust: 1.6

vendor:realnetworksmodel:helix playerscope:eqversion:11.0.1

Trust: 1.6

vendor:realnetworksmodel:realplayerscope:eqversion:11.0

Trust: 1.6

vendor:realnetworksmodel:realplayerscope:eqversion:10.1

Trust: 1.6

vendor:realnetworksmodel:helix playerscope:eqversion:11.0.0

Trust: 1.6

vendor:realnetworksmodel:realplayer spscope:eqversion:1.0.1

Trust: 1.3

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.5

Trust: 1.3

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.4

Trust: 1.3

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.3

Trust: 1.3

vendor:realnetworksmodel:realplayerscope:eqversion:11.0.2

Trust: 1.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5

Trust: 1.3

vendor:realnetworksmodel:realplayer spscope:eqversion:1.0.0

Trust: 1.0

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:*

Trust: 1.0

vendor:sun microsystemsmodel:solarisscope:eqversion:10

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:(enterprise)

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:10

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:10.5

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:11

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:sp 1.0.0

Trust: 0.8

vendor:realmodel:realnetworks realplayerscope:eqversion:sp 1.0.1

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4.8 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4.8 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:4.0

Trust: 0.8

vendor:sunmodel:solaris 10 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solaris 10 sparcscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:4

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:4

Trust: 0.3

vendor:redhatmodel:enterprise linux asscope:eqversion:4

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop versionscope:eqversion:4

Trust: 0.3

vendor:realnetworksmodel:realplayer spscope:eqversion:1.0

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:1.7

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:1.6

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:1.5

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:1.2

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope:eqversion:1.1

Trust: 0.3

vendor:realnetworksmodel:realplayer enterprisescope: - version: -

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.331

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.503

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.481

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.412

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.396

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.352

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.325

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:1010.0.0.305

Trust: 0.3

vendor:realnetworksmodel:realplayer for mac osscope:eqversion:10

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.1.3114

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.9

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.8

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.7

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.6

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.5

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.4

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.3

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.2

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:1010.0.1

Trust: 0.3

vendor:realnetworksmodel:realplayer for linuxscope:eqversion:10

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1741

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1698

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1675

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1663

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1483

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1348

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1235

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1069

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1059

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1056

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1053

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:10.5v6.0.12.1040

Trust: 0.3

vendor:realnetworksmodel:realplayerscope:eqversion:11

Trust: 0.3

sources: BID: 37880 // JVNDB: JVNDB-2010-001053 // CNNVD: CNNVD-201001-250 // NVD: CVE-2009-4247

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-4247
value: HIGH

Trust: 1.0

NVD: CVE-2009-4247
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201001-250
value: CRITICAL

Trust: 0.6

VULHUB: VHN-41693
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-4247
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-41693
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-41693 // JVNDB: JVNDB-2010-001053 // CNNVD: CNNVD-201001-250 // NVD: CVE-2009-4247

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-41693 // JVNDB: JVNDB-2010-001053 // NVD: CVE-2009-4247

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201001-250

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201001-250

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001053

PATCH
title:Releases Update to Address Security Vulnerabilitiesurl:http://service.real.com/realplayer/security/01192010_player/en
Trust: 0.8
title:セキュリティ脆弱性に対応するアップデートをリリースurl:http://service.real.com/realplayer/security/01192010_player/ja/
Trust: 0.8
title:RHSA-2010:0094url:http://rhn.redhat.com/errata/RHSA-2010-0094.html
Trust: 0.8
title:cve_2009_4247_buffer_overflowurl:http://blogs.sun.com/security/entry/cve_2009_4247_buffer_overflow
Trust: 0.8
title:RealPlayer11GOLDurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=5474
Trust: 0.6
title:RealPlayer11GOLDurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=5473
Trust: 0.6
title:RealPlayerSPurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=5472
Trust: 0.6
title:RealPlayerSPGoldurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=5471
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2010-001053 // 
            
            
            
            CNNVD: CNNVD-201001-250

EXTERNAL IDS
db:BIDid:37880
Trust: 2.8
db:NVDid:CVE-2009-4247
Trust: 2.8
db:SECUNIAid:38218
Trust: 2.6
db:SECTRACKid:1023489
Trust: 2.5
db:VUPENid:ADV-2010-0178
Trust: 2.5
db:XFid:55802
Trust: 1.4
db:SECUNIAid:38450
Trust: 1.2
db:JVNDBid:JVNDB-2010-001053
Trust: 0.8
db:CNNVDid:CNNVD-201001-250
Trust: 0.7
db:REDHATid:RHSA-2010:0094
Trust: 0.6
db:MLISTid:[PROTOCOL-CVS] 20090828 RTSP RTSPCLNT.CPP,1.244,1.245
Trust: 0.6
db:MLISTid:[HELIX-CLIENT-DEV] 20090828 CR: 249097 - SECURITY FIX - URGENT CR REQUESTED
Trust: 0.6
db:ZDIid:ZDI-10-010
Trust: 0.3
db:ZDIid:ZDI-10-008
Trust: 0.3
db:ZDIid:ZDI-10-006
Trust: 0.3
db:ZDIid:ZDI-10-005
Trust: 0.3
db:ZDIid:ZDI-10-007
Trust: 0.3
db:VULHUBid:VHN-41693
Trust: 0.1
db:PACKETSTORMid:85439
Trust: 0.1
db:PACKETSTORMid:86184
Trust: 0.1
sources:
            
            
            VULHUB: VHN-41693 // 
            
            
            
            BID: 37880 // 
            
            
            
            JVNDB: JVNDB-2010-001053 // 
            
            
            
            PACKETSTORM: 85439 // 
            
            
            
            PACKETSTORM: 86184 // 
            
            
            
            CNNVD: CNNVD-201001-250 // 
            
            
            
            NVD: CVE-2009-4247

REFERENCES
url:http://www.securityfocus.com/bid/37880
Trust: 2.5
url:http://securitytracker.com/id?1023489
Trust: 2.5
url:http://secunia.com/advisories/38218
Trust: 2.5
url:http://www.vupen.com/english/advisories/2010/0178
Trust: 2.5
url:http://service.real.com/realplayer/security/01192010_player/en/
Trust: 2.1
url:https://bugzilla.redhat.com/show_bug.cgi?id=561338
Trust: 1.7
url:https://helixcommunity.org/viewcvs/protocol/rtsp/rtspclnt.cpp?view=log#rev1.245
Trust: 1.7
url:http://lists.helixcommunity.org/pipermail/helix-client-dev/2009-august/008092.html
Trust: 1.7
url:http://lists.helixcommunity.org/pipermail/protocol-cvs/2009-august/001943.html
Trust: 1.7
url:http://www.redhat.com/support/errata/rhsa-2010-0094.html
Trust: 1.7
url:http://xforce.iss.net/xforce/xfdb/55802
Trust: 1.4
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10677
Trust: 1.1
url:http://secunia.com/advisories/38450
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/55802
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4247
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4247
Trust: 0.8
url:http://blogs.sun.com/security/entry/cve_2009_4247_buffer_overflow
Trust: 0.3
url:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=839
Trust: 0.3
url:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=837
Trust: 0.3
url:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=838
Trust: 0.3
url:http://www.realnetworks.com/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-10-005/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-10-006/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-10-007/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-10-008/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-10-010/
Trust: 0.3
url:/archive/1/509286
Trust: 0.3
url:/archive/1/509293
Trust: 0.3
url:/archive/1/509288
Trust: 0.3
url:/archive/1/509100
Trust: 0.3
url:/archive/1/509096
Trust: 0.3
url:/archive/1/509105
Trust: 0.3
url:/archive/1/509098
Trust: 0.3
url:/archive/1/509104
Trust: 0.3
url:http://secunia.com/advisories/38218/
Trust: 0.2
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.2
url:http://secunia.com/blog/71/
Trust: 0.2
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.2
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.2
url:http://secunia.com/advisories/33810/
Trust: 0.1
url:http://secunia.com/advisories/38450/
Trust: 0.1
url:http://rhn.redhat.com
Trust: 0.1
url:http://rhn.redhat.com/errata/rhsa-2010-0094.html
Trust: 0.1
sources:
            
            
            VULHUB: VHN-41693 // 
            
            
            
            BID: 37880 // 
            
            
            
            JVNDB: JVNDB-2010-001053 // 
            
            
            
            PACKETSTORM: 85439 // 
            
            
            
            PACKETSTORM: 86184 // 
            
            
            
            CNNVD: CNNVD-201001-250 // 
            
            
            
            NVD: CVE-2009-4247

CREDITS
Evgeny Legerov, anonymous researchers working with iDEFENSE Labs, John Rambo, Peter Vreugdenhil working with TippingPoint's Zero Day Initiative, and anonymous researchers working with TippingPoint's Zero Day Initiative
Trust: 0.9
sources:
            
            
            BID: 37880 // 
            
            
            
            CNNVD: CNNVD-201001-250

SOURCES
db:VULHUBid:VHN-41693
db:BIDid:37880
db:JVNDBid:JVNDB-2010-001053
db:PACKETSTORMid:85439
db:PACKETSTORMid:86184
db:CNNVDid:CNNVD-201001-250
db:NVDid:CVE-2009-4247

LAST UPDATE DATE
2024-11-23T21:47:35.684000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-41693date:2017-09-19T00:00:00
db:BIDid:37880date:2010-07-13T20:27:00
db:JVNDBid:JVNDB-2010-001053date:2010-07-23T00:00:00
db:CNNVDid:CNNVD-201001-250date:2011-07-13T00:00:00
db:NVDid:CVE-2009-4247date:2024-11-21T01:09:14.620

SOURCES RELEASE DATE
db:VULHUBid:VHN-41693date:2010-01-25T00:00:00
db:BIDid:37880date:2010-01-20T00:00:00
db:JVNDBid:JVNDB-2010-001053date:2010-02-17T00:00:00
db:PACKETSTORMid:85439date:2010-01-20T16:00:34
db:PACKETSTORMid:86184date:2010-02-11T10:10:16
db:CNNVDid:CNNVD-201001-250date:2010-01-25T00:00:00
db:NVDid:CVE-2009-4247date:2010-01-25T19:30:01.510