
SANS ISC InfoSec Handlers Diary Blog



RealPlayer exploit made public

Published: 2008-03-11
Last Updated: 2008-03-11 12:23:41 UTC
by Swa Frantzen (Version: 1)

RealPlayer is probably installed on many of your computers, and an exploit for an unpatched vulnerability in it was made public on the full-disclosure mailing list.

As a result, those using ActiveX-capable browsers (read: MSIE) are vulnerable to attack, with no patch on the horizon yet.

Workarounds:

  • Set killbits for:
    rmoc3260.dll version 6.0.10.45
    {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}

    But this will also disable the player's legitimate functionality.
  • Use a browser that doesn't support ActiveX (there are plenty of those).

--
Swa Frantzen -- Gorilla Security
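
One way to apply the killbit workaround above, as an added example that is not part of the original diary: the script sets the killbit for the two CLSIDs listed, preserving any other compatibility flags already present, and reads the values back. The registry path and the 0x400 flag value are the standard Internet Explorer killbit mechanism and are assumed here rather than taken from the diary; run it from an elevated prompt.

```powershell
# Added example: set the IE killbit for the two CLSIDs named in the diary.
$clsids = @(
    '{2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}',
    '{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}'
)
$killBit   = 0x400                  # killbit in the "Compatibility Flags" DWORD
$valueName = 'Compatibility Flags'

# 64-bit Windows keeps a second copy of the key for 32-bit Internet Explorer.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

$results = foreach ($root in $roots) {
    # The Wow6432Node view does not exist on 32-bit systems; skip it there.
    if (-not (Test-Path -LiteralPath $root)) { continue }

    foreach ($clsid in $clsids) {
        $key = Join-Path $root $clsid
        if (-not (Test-Path -LiteralPath $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # OR the killbit into whatever flags are already set instead of overwriting them.
        $prop    = Get-ItemProperty -LiteralPath $key -Name $valueName -ErrorAction SilentlyContinue
        $current = if ($prop) { [int]$prop.$valueName } else { 0 }
        Set-ItemProperty -LiteralPath $key -Name $valueName `
            -Value ($current -bor $killBit) -Type DWord

        # Read the value back so the report reflects what is actually in the registry.
        $after = [int](Get-ItemProperty -LiteralPath $key -Name $valueName).$valueName
        [pscustomobject]@{
            Key        = $key
            Flags      = '0x{0:X8}' -f $after
            KillbitSet = (($after -band $killBit) -eq $killBit)
        }
    }
}

$results | Format-Table -AutoSize
if ($results | Where-Object { -not $_.KillbitSet }) {
    Write-Warning 'Killbit missing on at least one key; check permissions.'
}
```

To restore the control later, clear the 0x400 bit in the same values or delete the two CLSID keys.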
