CVE-2012-4987 Information

Description

Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature.

Reference

http://osvdb.org/86721 http://packetstormsecurity.org/files/117691/Realplayer-Watchfolders-Long-Filepath-Overflow.html http://seclists.org/fulldisclosure/2012/Oct/189 http://www.reactionpenetrationtesting.co.uk/realplayer-watchfolders.html http://www.securityfocus.com/bid/56324 https://exchange.xforce.ibmcloud.com/vulnerabilities/79663