Real Networks has issued a bulletin and patches for a recent string of vulnerabilities. The vulnerabilities are:
Exploit 1: To fashion a malicious MP3 file to allow the overwriting of a local file or execution of an ActiveX control on a customer’s machine.
Exploit 2: To fashion a malicious RealMedia file which uses RealText to cause a heap overflow to allow an attacker to execute arbitrary code on a customer’s machine.
Exploit 3: To fashion a malicious AVI file to cause a buffer overflow to allow an attacker to execute arbitrary code on a customer’s machine.
…
Exploit 4: Using default settings of earlier Internet Explorer browsers, a malicious website could cause a local HTML file to be created and then trigger an RM file to play which would then reference this local HTML file.
The vulnerabilites exist with numerous versions of realplayer on various operating systems. Update your realplayer to address these security problems. The vulnerabilities could allow a remote attacker to run malicious code on your machine.
Digg it
Add to del.icio.us
Stumble it
add to technorati
Related Posts:
No related posts
Real Networks has issued a bulletin and patches for a recent string of vulnerabilities. The vulnerabilities are:
so what platform does it affect?
thanks for stopping by imhomeless. sorry for neglecting to insert the hyperlink to the bulletin. i updated it to include it - that should help!
I don’t use Real apart from when I have to!
wE got patchy sound cuts in and out