http://www.viruslist.com/en/advisories/33810
http://www.kaspersky.com/
RealPlayer IVR File Processing Two Vulnerabilities



Secunia ID: SA33810

CVE-ID: CVE-2009-0375, CVE-2009-0376

Release Date: 10 Feb 2009

Criticality: Highly Critical
Typically used for remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction but there are no known exploits available at the time of disclosure.
Such vulnerabilities can exist in services like FTP, HTTP, and SMTP or in client systems like email programs or browsers.

Solution Status: Vendor Patch

Software: RealPlayer 11.x

Where: From remote
"From remote" describes other vulnerabilities where the attack vector doesn't require access to the system or a local network.
This category covers services that are acceptable to expose to the Internet (e.g. HTTP, HTTPS, SMTP). It also covers client applications used on the Internet and certain vulnerabilities where it is reasonable to assume that a security conscious user can be tricked into performing certain actions.

Impact: DoS (Denial of Service)
This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Impact: System access
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description:
Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a vulnerable system.
1) An input validation error within the processing of Internet Video Recording (IVR) files can be exploited to cause a memory corruption when a specially crafted IVR file is viewed.
2) An unspecified error within the processing of IVR files can be exploited to write a NULL-byte to an arbitrary memory address via an overly long file name length value within a specially crafted IVR file.
Successful exploitation potentially allows execution of arbitrary code e.g. when a user visits a malicious web page.

Solution: According to the reporter, this is fixed in the latest version of RealPlayer 11.

Reported by: Haifei Li, Fortinet's FortiGuard Global Security Research Team

Original Advisory: http://www.fortiguardcenter.com/advisory/FGA-2009-04.html


Cyber Crime Unit - Ministry of Interior - Hellenic Police
http://www.dart.gov.gr/

Contact, Athens:
Cyber Crime Unit, 173 Alexandras Ave., Postal Code 115 22, Athens. Fax: 210 6476462. Tel.: 210-6476464, 210-6476000. E-mail: ccu@ath.forthnet.gr

Contact, Thessaloniki:
Cyber Crime Unit, 241 Monastiriou St., Postal Code 546 28, Thessaloniki. Fax: 2310 – 559929. Tel.: 2310 388370-5, 2310-388000. E-mail: info@cybercrime.gr

Useful tips for safe Internet access: http://goo.gl/Q3hnR, Cyber Crime Unit of Greece (C.C.U)

Microsoft Hellas S.A.

Greece
Microsoft Hellas S.A.
221 Kifisias Ave., 151 24, Athens, GREECE
Phone: +30 211 1206 000
Fax: +30 211 1206 003
Customer Service and Support Phone: 801 500 3000 (local charge) or +30 211 1206 500 (calling from mobile device)


World Wide Web

Web 2.0 describes the changing trends in the use of World Wide Web technology and web design that aim to enhance creativity, communications, secure information sharing, collaboration and functionality of the web.
