RealNetworks RealPlayer QCP Parsing

Added: 09/12/2011
CVE: CVE-2011-2950
BID: 49172
OSVDB: 74549

Background

RealPlayer is a media player application which can play back various multimedia file formats, including QCP audio files. The QCP file format is frequently used to provide ring tones and to record voice for cellular telephones.

Problem

A heap buffer overflow vulnerability exists in RealPlayer qcpfformat.dll when handling fmt chunks in QCP files.

Resolution

Upgrade to the latest version of RealPlayer, as identified in August 2011 Real Player update.

References

http://zerodayinitiative.com/advisories/ZDI-11-265/

Limitations

Exploit works on RealNetworks RealPlayer 14.0.2.633 on Microsoft Windows XP with KB959426. The target user must open the exploit page using Internet Explorer 8.

Platforms

Windows XP

Back to exploit index