Attackers target RealPlayer

Bill Brenner

Symantec Corp. warned late Thursday that attackers are actively targeting an unpatched flaw in Real Networks' popular RealPlayer multimedia viewer to run malicious code via the victim's Web browser.

According to an emailed advisory the Cupertino, Calif.-based security vendor sent customers of its DeepSight Threat Management service, RealPlayer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer.

"Attackers can exploit this issue to execute arbitrary code in the context of the application using the affected control (typically Internet Explorer)," Symantec said. "Successful attacks can compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions."

Symantec deemed the attack activity significant enough to raise its ThreatCon to level 2.

To prevent successful exploits, Symantec recommends users disable Active Scripting in Internet Explorer or set the kill bit on the associated CLSID.

    Requires Free Membership to View

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: