CVE-2007-5601

EXPLOITED

Realnetworks Realplayer - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16497

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by anonymous · javascriptremotewindows

https://www.exploit-db.com/exploits/30692

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/realplayer_import.rb

View Code ZIP pw:eip

References (10)

[Vendor Advisory] http://secunia.com/advisories/27248

[US Government Resource] http://www.kb.cert.org/vuls/id/871673

[Third Party Advisory] http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA07-297A.html

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/3548

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/37280

[Various Sources] http://service.real.com/realplayer/security/191007_player/en/

[Various Sources] http://www.infosecblog.org/2007/10/nasa-bans-ie.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/26130

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018843

Scores

EPSS 0.6796

EPSS Percentile 98.6%

Details

VulnCheck KEV 2010-05-01

CWE

CWE-119

Status published

Products (3)

realnetworks/realplayer 10.0

realnetworks/realplayer 10.5

realnetworks/realplayer 11_beta

Published Oct 20, 2007

Tracked Since Feb 18, 2026