The script then attempts to create a buffer overflow. This is done by importing the following local file:
into a playlist using an extremely long name that causes the stack to overflow. When successfully exploited, an attacker may execute arbitrary code on the infected machine.
The vulnerable ActiveX Control in Real play is named IERPCtl and can be used to import files from the local machine to a specified playlist in RealPlay.
A security update for this vulnerability is available from the following RealPlay site:
This exploit can be used to execute arbitrary code on an affected machine, hence, there are no symptoms specific to this detection.