Real Player Problems

By admin | Jun 27, 2005

Real Player LogoReal Networks has issued a bulletin and patches for a recent string of vulnerabilities. The vulnerabilities are:

  • Exploit 1: To fashion a malicious MP3 file to allow the overwriting of a local file or execution of an ActiveX control on a customer’s machine.
  • Exploit 2: To fashion a malicious RealMedia file which uses RealText to cause a heap overflow to allow an attacker to execute arbitrary code on a customer’s machine.
  • Exploit 3: To fashion a malicious AVI file to cause a buffer overflow to allow an attacker to execute arbitrary code on a customer’s machine.
  • Exploit 4: Using default settings of earlier Internet Explorer browsers, a malicious website could cause a local HTML file to be created and then trigger an RM file to play which would then reference this local HTML file.
  • The vulnerabilites exist with numerous versions of realplayer on various operating systems. Update your realplayer to address these security problems. The vulnerabilities could allow a remote attacker to run malicious code on your machine.



    Related Posts:

    No related posts
    4 Comments so far
    1. imhomeless June 27, 2005 10:21 pm

      so what platform does it affect?

    2. Administrator June 28, 2005 9:01 am

      thanks for stopping by imhomeless. sorry for neglecting to insert the hyperlink to the bulletin. i updated it to include it - that should help!

    3. Joe Anderson June 28, 2005 2:53 pm

      I don’t use Real apart from when I have to!

    4. DON FERGUSON December 21, 2006 7:14 am

      wE got patchy sound cuts in and out

    Leave a Comment

    If you would like to make a comment, please fill out the form below.

    Name (required)

    Email (required)

    Website

    Comments

    © 2007 PaulTech Network, - Daily Blog Tips Themes