Attackers target RealPlayer

Symantec warned late Thursday that a flaw in the popular RealPlayer multimedia viewer is being actively exploited by attackers in the wild.

Symantec Corp. warned late Thursday that attackers are actively targeting an unpatched flaw in Real Networks' popular RealPlayer multimedia viewer to run malicious code via the victim's Web browser.

According to an emailed advisory the Cupertino, Calif.-based security vendor sent customers of its DeepSight Threat Management service, RealPlayer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer.

"Attackers can exploit this issue to execute arbitrary code in the context of the application using the affected control (typically Internet Explorer)," Symantec said. "Successful attacks can compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions."

Symantec deemed the attack activity significant enough to raise its ThreatCon to level 2.

To prevent successful exploits, Symantec recommends users disable Active Scripting in Internet Explorer or set the kill bit on the associated CLSID.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close