This module exploits an arbitrary file download vulnerability in the RecordingManager Control included in RealPlayer SP. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 and 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability caused due to a boundary error in the ierpplug.dll of the RealPlayer application. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Realtek Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error when handling .PLA files. . This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Real Media Player are vulnerable to a heap buffer overflow when provided with a specially crafted .rmp file with malformed TRACKID tags. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a heap-based buffer overflow in the rmoc3260.dll ActiveX Control included in Real Player 11. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
RealPlayer is prone to a stack based buffer overflow when opening specially crafted Real Media files. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A code execution vulnerability exists in the way that RealPlayer parses files encoded with Cook codec. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A code execution vulnerability exists in the way that RealPlayer handles specially crafted .QCP files when opening in Internet Explorer 6,7 and 8 This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in RealPlayer. The vulnerable software does not properly initialize an unspecified object component during parsing of a malformed CDDA URI. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients (Internet Explorer with a vulnerable StubbyUtil.InstallerDlg.1 ActiveX Control) to connect to it. When the client connects, it will try to install an agent by sending a specially crafted HTML page which exploits the Real Networks Arcade Game's ActiveX control. ActiveX Control Remote Code Execution Vulnerability. The affected ActiveX control is installed when choosing to play any game from Realnetworks Arcade http://www.gamehouse.com/