|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-03-26 | |
| Rule Name: | RealNetworks RealGames StubbyUtil.ProcessMgr ActiveX Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple remote command execution vulnerabilities exist in RealNetworks RealGames StubbyUtil.ProcessMgr ActiveX. The vulnerabilities are due to design flaws in four insecurely implemented methods. An attacker can leverage this vulnerability by enticing a target user to open a crafted web page. Successful exploitation would result in the execution of arbitrary commands within the security context of the logged in user. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |