Content

Exploit-RealPlay.a

Type
Trojan
SubType
Exploit
Discovery Date
10/18/2007
Length
Varies
Minimum DAT
5145 (10/19/2007)
Updated DAT
5289 (05/06/2008)
Minimum Engine
5.1.00
Description Added
10/18/2007
Description Modified
10/18/2007 11:08 PM (PT)
Risk Assessment
Corporate User
Low
Home User
Low

Tab Navigation

Characteristics

Exploit-RealPlay.a is a generic detection for malicious Javascript code that attempts to exploit an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions via an ActiveX control plugin.

 

Symptoms

When successful, such exploits may silently install malware on the vulnerable target systems or cause Internet Explorer / Real Player to crash.

 

Method of Infection

This exploit targets an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions via an ActiveX control plugin.

Removal

All Users:
Use specified engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Variants

Variants

    N/A

All Information

Overview -

Exploit-RealPlay.a is a generic detection for malicious Javascript code that attempts to exploit an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions.

 

Characteristics

Characteristics -

Exploit-RealPlay.a is a generic detection for malicious Javascript code that attempts to exploit an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions via an ActiveX control plugin.

 

Symptoms

Symptoms -

When successful, such exploits may silently install malware on the vulnerable target systems or cause Internet Explorer / Real Player to crash.

 

Method of Infection

Method of Infection -

This exploit targets an unknown buffer overflow vulnerability affecting RealPlayer 11 Beta, 10.5 or older versions via an ActiveX control plugin.

Removal -

Removal -

All Users:
Use specified engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Variants

Variants -

    N/A