SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Multimedia)  >   RealOne (RealPlayer)
Vendors:   RealNetworks
(Vendor Issues Fix) RealPlayer Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code
SecurityTracker Alert ID:  1015805
SecurityTracker URL:  http://securitytracker.com/id/1015805
CVE Reference:   CVE-2005-2936
Date:  Mar 22 2006
Impact:   Execution of arbitrary code via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 10.5
Description:   iDEFENSE reported a vulnerability in RealPlayer. A local user may be able to cause arbitrary code to be executed by another user.

The software makes an incorrect CreateProcess() function call when launching a component application. As a result, the software may search multiple system paths to find the (ostensibly) proper component. A local user can create a file containing arbitrary code with the same name as the intended application. If that file is placed in the appropriate directory and the target application is executed by the target user, the arbitrary code will be executed with the privileges of the target user.
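The following audit helper is an added example, not code from SecurityTracker, iDEFENSE or RealNetworks. The advisory does not say which CreateProcess() mistake was made, so the helper covers the two ambiguous forms documented for calls that pass a NULL lpApplicationName (an unquoted path containing spaces, and a module name with no directory part); the function names and sample command lines are constructed for illustration.

```python
import ntpath

# Search locations documented for CreateProcess when the module name has no
# directory part (descriptions only; nothing is resolved on disk here).
SEARCH_ORDER = (
    "directory the calling application was loaded from",
    "current directory of the parent process",
    "32-bit Windows system directory", "16-bit Windows system directory",
    "Windows directory", "directories listed in PATH",
)

def candidate_modules(command_line):
    """Module names tried, in order, when lpApplicationName is NULL."""
    cl = command_line.strip()
    if cl.startswith('"'):
        # A quoted module name is taken literally: exactly one candidate.
        end = cl.find('"', 1)
        return [cl[1:end] if end != -1 else cl[1:]]
    tokens, out = cl.split(), []
    for i in range(1, len(tokens) + 1):
        prefix = " ".join(tokens[:i])
        # ".exe" is appended only when the name has no extension.
        out.append(prefix if ntpath.splitext(prefix)[1] else prefix + ".exe")
        # Heuristic (assumption): a prefix ending in .exe is the intended
        # module; everything after it is treated as arguments.
        if prefix.lower().endswith(".exe"):
            break
    return out

def audit(command_line):
    """Return (finding, detail) pairs; an empty list means unambiguous."""
    cands = candidate_modules(command_line)
    findings = []
    if len(cands) > 1:
        # Each earlier candidate is a file name that would be launched
        # instead of the intended module if a file by that name existed.
        findings.append(("unquoted-path", cands[:-1]))
    if cands and not ntpath.dirname(cands[-1]):
        findings.append(("search-order", list(SEARCH_ORDER)))
    return findings

# Constructed sample command lines (not taken from RealPlayer).
SAMPLES = [
    r'C:\Program Files\Example Vendor\helper.exe /q',
    r'"C:\Program Files\Example Vendor\helper.exe" /q',
    r'helper.exe /q',
]
if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", audit(s) or "unambiguous")
```

Only the second sample, a quoted full path, comes back with no findings; that is the form a reviewer should expect in the command-line argument, or a full path passed explicitly as lpApplicationName.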

The vendor was notified on September 19, 2005.

The original advisory is available at:

http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

Impact:   A local user can cause arbitrary code to be executed with the privileges of the target user.
Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

http://www.service.real.com/realplayer/security/03162006_player/en/

Vendor URL:  www.service.real.com/realplayer/security/03162006_player/en/
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Nov 16 2005 RealPlayer Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code
Copyright 2020, SecurityGlobal.net LLC