-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2011.0106
              RealPlayer patches 19 security vulnerabilities
                             24 November 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              RealPlayer
                      Mac RealPlayer
Operating System:     Windows
                      Mac OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-4262 CVE-2011-4261 CVE-2011-4260
                      CVE-2011-4259 CVE-2011-4258 CVE-2011-4257
                      CVE-2011-4256 CVE-2011-4255 CVE-2011-4254
                      CVE-2011-4253 CVE-2011-4252 CVE-2011-4251
                      CVE-2011-4250 CVE-2011-4249 CVE-2011-4248
                      CVE-2011-4247 CVE-2011-4246 CVE-2011-4245
                      CVE-2011-4244
Member content until: Saturday, December 24 2011

OVERVIEW

        A new version of RealPlayer has been released correcting 19
        vulnerabilities for Mac and Windows. [1]


IMPACT

        The 19 vulnerabilities allow remote code execution with the privileges
        of the currently logged-in user. The 19 vulnerabilities are: [1]

         - CVE-2011-4244: RealPlayer RealVideo Renderer Heap Buffer Overflow Vulnerability
         - CVE-2011-4245: RealPlayer RealVideo Renderer Memory Corruption Vulnerability
         - CVE-2011-4246: RealPlayer AAC Codec Memory Corruption Vulnerability
         - CVE-2011-4247: RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability
         - CVE-2011-4248: RealPlayer Malformed AAC File Parsing Remote Code Execution Vulnerability
         - CVE-2011-4249: RealPlayer RV30 Sample Arbitrary Index Remote Code Execution Vulnerability
         - CVE-2011-4250: RealPlayer ATRC Codec Parsing Remote Code Execution Vulnerability
         - CVE-2011-4251: RealPlayer RealAudio Sample Size Parsing Remote Code Execution Vulnerability
         - CVE-2011-4252: RealPlayer RV10 Sample Height Parsing Remote Code Execution Vulnerability
         - CVE-2011-4253: RealPlayer RV20 Decoding Remote Code Execution Vulnerability
         - CVE-2011-4254: RealPlayer RTSP SETUP Request Remote Code Execution Vulnerability
         - CVE-2011-4255: RealPlayer Invalid Codec Name Remote Code Execution Vulnerability
         - CVE-2011-4256: RealPlayer Invalid Codec Name Remote Code Execution Vulnerability
         - CVE-2011-4257: RealPlayer Cook Codec Channel Parsing Remote Code Execution Vulnerability
         - CVE-2011-4258: RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability
         - CVE-2011-4259: RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
         - CVE-2011-4260: RealPlayer MP4 Malformed Header Remote Code Execution Vulnerability
         - CVE-2011-4261: RealPlayer MP4 Video Dimensions Heap Corruption Remote Code Execution Vulnerability
         - CVE-2011-4262: RealPlayer MP4 File Parsing Remote Code Execution Vulnerability


MITIGATION

        RealNetworks has released RealPlayer version 15.0 for Windows XP, Vista and 7,
        as well as RealPlayer version 12.0.0.1703 for Mac OS X 10.3 to 10.6. [1]


REFERENCES

        [1] RealNetworks, Inc. Releases Update to Address Security
            Vulnerabilities.
            http://service.real.com/realplayer/security/11182011_player/en/

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================