CVE-2013-6877

Related Files

RealNetworks RealPlayer Version Attribute Buffer Overflow

Posted Dec 26, 2013

Authored by Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.

tags | exploit, remote, overflow, arbitrary

advisories | CVE-2013-6877

SHA-256 | 8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232e

Download | Favorite | View

RealNetworks RealPlayer 16 Buffer Overflow

Posted Dec 25, 2013

Authored by Gabor Seljan

RealNetworks RealPlayer versions 16.0.3.51 and 16.0.2.32 buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow

advisories | CVE-2013-6877

SHA-256 | 58542a3b53839183c22c124f4c3d3ee9a380986526edc0d4edc243944855703e

Download | Favorite | View

RealPlayer Heap-Based Buffer Overflow

Posted Dec 20, 2013

Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - RealPlayer is prone to a security vulnerability when processing RMP files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing RealPlayer users to open a specially crafted RMP file (client-side attack). Versions 16.0.2.32 and 16.0.3.51 are affected.

tags | exploit, remote, arbitrary

advisories | CVE-2013-6877

SHA-256 | 138c669ee28a20c01fad95f2ddae01490a953b8043d0631d15f8c2f418a3d9c1

Download | Favorite | View