CyberInsecure.com

Daily cyber threats and internet security news alerts
April 3rd, 2008

RealPlayer Vulnerability Exploited In The Wild

Exploits for the RealPlayer ‘rmoc3260.dll’ ActiveX Control Memory Corruption Vulnerability are being reported and rated as critical. A complete exploit was published for this vulnerability and it is confirmed in RealPlayer version 11.0.1 (build 6.0.14.794) including rmoc3260.dll version 6.0.10.45. Other versions may also be affected.

Impacted sites have ranged from forums, to webmail, to news agencies. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the application.

Norton Internet Security 2008, Norton AntiVirus 2008, and Norton 360 version 2 customers will see this attack blocked by the existing MSIE RealPlayer rmoc ActiveX BOIPS signature. Some variants of this attack may be blocked as HTTP Internet Explorer Heap Spray Buffer Overflow. Additionally, antivirus signatures are available for Bloodhound.Exploit.182, protecting customers from threats attempting to exploit this vulnerability.

Solution:

Update to version 11.0.2 (build 6.0.14.802) via e.g. “Check for Update” in the “Help->About RealPlayer” menu.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn
More on CyberInsecure:
  • Zero-day Microsoft Windows NSlookup.exe Vulnerability Exploited In The Wild
  • Highly Critical Vulnerabilities Fixed In Urgent RealPlayer Update
  • ICQ 6 Personal Status Processing Vulnerability
  • Microsoft Patches Critical Database And Office Flaws
  • avast! Home And Professional aavmker4.sys Privilege Escalation

    • Posted in Vulnerabilities | Print This Post Print This Post

    This entry was posted on Thursday, April 3rd, 2008 at 7:34 am and is filed under Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: RealPlayer Vulnerability Exploited In The Wild

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word

    « « Apple QuickTime Multiple Remote Vulnerabilities
    Webwasher Denial Of Service Vulnerability » »