module

RealPlayer RealMedia File Handling Buffer Overflow

Try Surface Command
Back to search
Disclosed
2012-12-14
Created
2018-05-30

Description

This module exploits a stack based buffer overflow on RealPlayer
The vulnerability exists in the handling of real media files, due to the insecure
usage of the GetPrivateProfileString function to retrieve the URL property from an
InternetShortcut section.

This module generates a malicious rm file which must be opened with RealPlayer via
drag and drop or double click methods. It has been tested successfully on Windows
XP SP3 with RealPlayer 15.0.5.109.

Author

suto suto@vnsecurity.net

Platform

Windows

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use exploit/windows/fileformat/real_player_url_property_bof
    msf exploit(real_player_url_property_bof) > show targets
        ...targets...
    msf exploit(real_player_url_property_bof) > set TARGET < target-id >
    msf exploit(real_player_url_property_bof) > show options
        ...show and set options...
    msf exploit(real_player_url_property_bof) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today