Changeset 1622

Show
Ignore:
Timestamp:
04/23/08 20:07:45 (3 weeks ago)
Author:
jose
Message:

[phoneyc]
support for CVE-2008-1309

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • phoneyc/trunk/ActiveX.py

    r1621 r1622  
    2626        self.clsid['6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB'] = PPStream() 
    2727        self.clsid['FDC7A535-4070-4B92-A0EA-D9994BCC0DC5'] = RealPlayer() 
     28        self.clsid['2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93'] = RealPlayer() 
     29        self.clsid['0FDF6D6B-D672-463B-846E-C6FF49109662'] = RealPlayer() 
     30        self.clsid['224E833B-2CC6-42D9-AE39-90B6A38A4FA2'] = RealPlayer() 
     31        self.clsid['2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93'] = RealPlayer() 
     32        self.clsid['3B46067C-FD87-49B6-8DDD-12F0D687035F'] = RealPlayer() 
     33        self.clsid['3B5E0503-DE28-4BE8-919C-76E0E894A3C2'] = RealPlayer() 
     34        self.clsid['44CCBCEB-BA7E-4C99-A078-9F683832D493'] = RealPlayer() 
     35        self.clsid['A1A41E11-91DB-4461-95CD-0C02327FD934'] = RealPlayer() 
     36        self.clsid['CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA'] = RealPlayer() 
    2837        self.clsid['5D86DDB5-BDF9-441B-9E9E-D4730F4EE499'] = BitDefender() 
    2938        self.clsid['E23FE9C6-778E-49D4-B537-38FCDE4887D8'] = VLC() 
     
    244253        self.js_src = self.load_js_src('RealPlayer.js') 
    245254        self.classname = 'RealPlayer' 
    246         self.cve_id = ('CVE-2007-5601',
     255        self.cve_id = ('CVE-2007-5601', 'CVE-2008-1309',
    247256        self.description = 'RealMedia RealPlayer Ierpplug.DLL ActiveX Control' 
    248257 

  • phoneyc/trunk/modules/jscript/RealPlayer.js

    r1458 r1622  
    22// CVE-2007-5601 
    33 
     4function watch_real(prop, oldv, newv) { 
     5    if (newv.length > 255) { 
     6        add_alert('Possible RealPlayer heap corroption with ' + prop.toString() + ' property'); 
     7    } 
     8} 
     9 
    410function RealPlayer() { 
    5         this.DoAutoUpdateRequest=function(arg0, arg1, arg2) { 
    6                 if ((arg0.length > 1000) || (arg1.length > 1000)) { 
    7                         add_alert('RealPlayer 10.5 ierpplug.dll overflow in DoAutoUpdateRequest()'); 
    8                 } 
     11    this.Console = ''; 
     12    this.watch('Console', watch_real); 
     13    this.DoAutoUpdateRequest=function(arg0, arg1, arg2) { 
     14        if ((arg0.length > 1000) || (arg1.length > 1000)) { 
     15            add_alert('RealPlayer 10.5 ierpplug.dll overflow in DoAutoUpdateRequest()'); 
    916        } 
    10         this.PlayerProperty=function(arg) { 
    11                 if (arg.length > 1000) { 
    12                         add_alert('RealPlayer 10.5 ierpplug.dll overflow in PlayerProperty()'); 
    13                 } 
    14                 return("6.0.11.1"); 
     17    } 
     18    this.PlayerProperty=function(arg) { 
     19        if (arg.length > 1000) { 
     20            add_alert('RealPlayer 10.5 ierpplug.dll overflow in PlayerProperty()'); 
    1521        } 
    16         this.Import=function(url, arg1, arg2, arg3) { 
    17                 if (arg1.length > 1000) { 
    18                         add_alert('RealPlayer 10.5 ierpplug.dll overflow in Import()'); 
    19                } 
    20                return(this); 
     22        return("6.0.11.1"); 
     23    } 
     24    this.Import=function(url, arg1, arg2, arg3) { 
     25        if (arg1.length > 1000) { 
     26            add_alert('RealPlayer 10.5 ierpplug.dll overflow in Import()'); 
    2127        } 
     28        return(this); 
     29    } 
    2230}