This Metasploit module exploits a stack overflow in RealNetworks RealPlayer 10 and 8. By creating a URL link to a malicious SMIL file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.smil'. This Metasploit module has been tested with RealPlayer 10 build 6.0.12.883 and RealPlayer 8 build 6.0.9.584.
7622e58e805d1bd82f5121d369c155d848e821fd78515d2564d1ef9413b10947
iDEFENSE Security Advisory 03.01.05 - Remote exploitation of a stack-based buffer overflow vulnerability in the The Synchronized Multimedia Integration Language (smil) file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code.
2632879bb5375cffc7b6de250f1ab88228e76ba9eb83439be161087ec3c781cd