RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability
ZDI-08-047: July 25th, 2008
TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 5834. For further product information on the TippingPoint IPS:
This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must visit a malicious web site.
The specific flaw exists in the rmoc3260 ActiveX control exposed through the following CLSIDs:
Specifying malicious values for the 'Controls' or 'Console' properties with specific timing results in memory corruption, which can lead to code execution in the context of the current user.
Vendor Response
RealNetworks has issued an update to correct this vulnerability. More details can be found at:
2008-02-07 - Vulnerability reported to vendor
2008-07-25 - Coordinated public release of advisory
Credit
This vulnerability was discovered by: