RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
BID:12410
Info
RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
| Bugtraq ID: | 12410 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 01 2005 12:00AM |
| Updated: | Feb 01 2005 12:00AM |
| Credit: | "[email protected]" <[email protected]> disclosed this vulnerability. |
| Vulnerable: |
RealNetworks RealPlayer Enterprise RealNetworks RealPlayer 10.5 v6.0.12.1069 RealNetworks RealPlayer 10.5 v6.0.12.1059 RealNetworks RealPlayer 10.5 v6.0.12.1056 RealNetworks RealPlayer 10.5 v6.0.12.1053 RealNetworks RealPlayer 10.5 v6.0.12.1040 RealNetworks RealPlayer 10.5 Beta v6.0.12.1016 RealNetworks RealPlayer 10.5 RealNetworks RealPlayer 10.0 RealNetworks RealPlayer 8.0 Win32 RealNetworks RealOne Player 2.0 RealNetworks RealOne Player 1.0 |
| Not Vulnerable: | |
Discussion
RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
RealNetworks RealPlayer is reported susceptible to a security zone bypass vulnerability. This issue is due to a failure of the application to properly enforce security zones, potentially allowing remote attackers to execute HTML or script code in the Local Zone of affected client computers.
The embedded Internet Explorer engine in RealPlayer reportedly loads attacker-supplied files in the Local Zone, allowing attackers to execute malicious HTML and script code with potentially elevated privileges. This issue may be a variant, or be related to BIDs 10973, or 11466.
It is unclear at this time if a further vulnerability has been discovered by this disclosure. This BID will be updated as further analysis is completed.
RealNetworks RealPlayer is reported susceptible to a security zone bypass vulnerability. This issue is due to a failure of the application to properly enforce security zones, potentially allowing remote attackers to execute HTML or script code in the Local Zone of affected client computers.
The embedded Internet Explorer engine in RealPlayer reportedly loads attacker-supplied files in the Local Zone, allowing attackers to execute malicious HTML and script code with potentially elevated privileges. This issue may be a variant, or be related to BIDs 10973, or 11466.
It is unclear at this time if a further vulnerability has been discovered by this disclosure. This BID will be updated as further analysis is completed.
Exploit / POC
RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
A web site containing proof of concept code is located at:
http://www.malware.com/reelcigar.html
A web site containing proof of concept code is located at:
http://www.malware.com/reelcigar.html
Solution / Fix
RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the referenced advisory for further information.
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the referenced advisory for further information.
References
RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerability
References:
References:
- Real Networks Support: Security Issues (Real Networks)
- RealNetworks, Inc. Releases Update to Address Security Vulnerabilities (RealNetworks)
- RealPlayer Homepage (Real Networks)
- SAME LADY, DIFFERENT HAT: REELY ("[email protected] " <[email protected]>)