Rapid7 Vulnerability & Exploit Database

RHSA-2008:0812: RealPlayer security update

Back to Search

RHSA-2008:0812: RealPlayer security update

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
07/28/2008
Created
07/25/2018
Added
02/22/2009
Modified
07/04/2017

Description

RealPlayer is a media player that provides media playback locally and viastreaming.RealPlayer 10.0.9 is vulnerable to a critical security flaw and should nolonger be used. A remote attacker could leverage this flaw to executearbitrary code as the user running RealPlayer. (CVE-2007-5400)This issue is addressed in RealPlayer 11. Red Hat is unable to shipRealPlayer 11 due to additional proprietary codecs included in thatversion. Therefore, users who wish to continue to use RealPlayer should getan update directly from www.real.com.This update removes the RealPlayer 10.0.9 packages due to their knownsecurity vulnerabilities.

Solution(s)

  • redhat-upgrade-realplayer-uninstall

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;