Article

RealNetworks issues advisory for more critical flaws

SearchSecurity.com Staff

RealNetworks Inc. has released a second round of updates in less than a week for critical vulnerabilities in its RealPlayer, RealOne and HelixPlayer that could be exploited by an attacker to gain access to a system.

The second round expands the scope if the first advisory, addressing a different flaw in the way the players handle media files. Last week, the

    Requires Free Membership to View

Seattle-based digital entertainment services vendor confirmed that attackers could exploit versions 10.5 and 11 beta of its popular media player to run malicious code on targeted machines.

This time versions 10.5 and earlier are affected, RealNetworks said in its updated advisory.

The problem is with boundary errors occurring when the players attempt to play various media files. An attack could be carried out when the victim visits malicious Web sites with Microsoft's Internet Explorer Web browser.

"We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities," RealNetworks said.

Danish vulnerability clearinghouse Secunia rated the flaw "highly critical," since an exploit can be carried out remotely.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: