===================================================================== CERT-Renater Note d'Information No. 2010/VULN330 _____________________________________________________________________ DATE : 30/08/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running RealPlayer versions 11.0, 11.1, RealPlayer SP versions 1.0 up to and including 1.1.4. ====================================================================== http://service.real.com/realplayer/security/08262010_player/en/ ______________________________________________________________________ RealNetworks, Inc. Releases Update to Address Security Vulnerabilities Updated August 26, 2010 RealNetworks is making available product upgrades that contain security bug fixes. We have received no reports of any machines actually being compromised as a result of the now-remedied vulnerabilities. RealNetworks always recommends upgrading your product to the most current version available to avoid security vulnerabilities. Current Software The current versions of our Player software are not affected by these vulnerabilities. Software Affected? Operating System Language RealPlayer SP 1.1.5 No Windows XP, Vista, Win7 All Supported Mac RealPlayer 12.0.0.1444 No Mac OS X 10.3 – 10.6 All Supported RealPlayer Enterprise 2.1.2 No Windows XP, Vista, Win7 English Linux RealPlayer 11.0 No Linux English Helix Player 11.0 No Linux English Affected Software: The table below contains a summary of which previous and current versions of the Windows RealPlayer software are susceptible to these vulnerabilities. The RealPlayer Enterprise, Mac RealPlayer, Linux RealPlayer, and Helix Player are not affected by any of these vulnerabilities. Windows RealPlayer CVE Number RealPlayer 11.0 – 11.1 RealPlayer SP 1.0 – 1.1.4 RealPlayer SP 1.1.5 CVE-2010-2996 X CVE-2010-3002 X CVE-2010-0116 X X CVE-2010-0117 X X CVE-2010-0120 X X CVE-2010-3001 X X CVE-2010-3000 X X CVE Descriptions: CVE-2010-2996 RealPlayer malformed IVR pointer index code execution vulnerability. Affected software: Windows RealPlayer 11.1 and prior. Credit to anonymous researchers working with TippingPoint's Zero Day Initiative for reporting this issue. CVE-2010-3002 RealPlayerActiveX unauthorized file access vulnerability. Affected software: Windows RealPlayer 11.1 and prior. Credit to Behrang Fouladi of SensePost for reporting this issue. CVE-2010-0116 RealPlayer QCP files parsing integer overflow vulnerability. Affected software: Windows RealPlayer SP 1.1.4 and prior. Credit to Alin Rad Pop, Secunia Research for reporting this issue. CVE-2010-0117 RealPlayer processing of dimensions in the YUV420 transformation of MP4 content vulnerability. Affected software: Windows RealPlayer SP 1.1.4 and prior. Credit to Carsten Eiram, Secunia Research for reporting this issue. CVE-2010-0120 RealPlayer QCP parsing heap-based buffer overflow vulnerability. Affected software: Windows RealPlayer SP 1.1.4 and prior. Credit to Carsten Eiram, Secunia Research for reporting this issue. CVE-2010-3001 RealPlayer ActiveX IE Plugin vulnerability opening multiple browser windows. Affected software: Windows RealPlayer SP 1.1.4 and prior. Credit to Steve Manzuik of Microsoft Vulnerability Research (MSVR) for reporting this issue. CVE-2010-3000 RealPlayer FLV parsing multiple integer overflow vulnerability. Affected software: Windows RealPlayer SP 1.1.4 and prior. Credit to Sebastian Apelt, siberas, working with TippingPoint's Zero Day Initiative for reporting this issue. Warranty: RealNetworks Inc. endeavors to provide you with the highest quality products and services, but cannot guarantee, and does not warrant, that the operation of any RealNetworks product will be error-free, uninterrupted or secure. Please see your original license agreement for details of our limited warranty or warranty disclaimer. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================