
SANS ISC: Real player exploit made public SANS ISC InfoSec Forums

Real player exploit made public

RealPlayer is probably installed on many of your computers, and an exploit for an unpatched vulnerability was made public on the full-disclosure mailing list.

As a result, those using ActiveX-capable browsers (read: MSIE) are vulnerable to attack, with no patch on the horizon yet.

Workarounds:

  • Set killbits for:
    rmoc3260.dll version 6.0.10.45
    {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}

    But this will also remove the genuine functionality of the player.
  • Use a browser that doesn't support ActiveX (there are plenty of those).
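
One way to apply and verify the killbit workaround above, as an added example that is not part of the original diary. The two CLSIDs are the ones listed in the post; the registry location and the 0x400 "Compatibility Flags" bit are the standard Internet Explorer killbit mechanism, and the function names are hypothetical.

```powershell
# Added example: set and verify the IE ActiveX killbit for the CLSIDs listed in the post.
# Run from an elevated PowerShell prompt.
$KillBit = 0x400   # killbit = bit 0x400 of the "Compatibility Flags" DWORD
$Clsids  = @(
    '{2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}',
    '{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}'
)
# 32-bit IE on 64-bit Windows reads the Wow6432Node view, so cover both views
# where an Internet Explorer key is present.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path -LiteralPath (Split-Path $_ -Parent) }

function Get-CompatFlags([string]$KeyPath) {
    # Returns 0 when the key or the value does not exist yet.
    $p = Get-ItemProperty -LiteralPath $KeyPath -Name 'Compatibility Flags' `
                          -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [int]$p.'Compatibility Flags'
}

function Set-KillBit([string]$Root, [string]$Clsid) {
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    # OR the bit in so that any other compatibility flags already set are preserved.
    $flags = (Get-CompatFlags $key) -bor $KillBit
    Set-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Value $flags -Type DWord
}

foreach ($root in $Roots) {
    foreach ($clsid in $Clsids) {
        Set-KillBit $root $clsid
        # Read the value back and report whether the killbit is now effective.
        $now = Get-CompatFlags (Join-Path $root $clsid)
        [pscustomobject]@{
            Key        = Join-Path $root $clsid
            Flags      = '0x{0:X8}' -f $now
            KillBitSet = (($now -band $KillBit) -ne 0)
        }
    }
}
```

Each output row should show `KillBitSet` as `True`. Clearing bit 0x400 on the same values re-enables the controls once a patched version is installed.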

--
Swa Frantzen -- Gorilla Security
