RealNetworks issues advisory for more critical flaws

In less than a week, RealNetworks Inc. widened the scope of its advisory to include all previous versions of its popular media players.

RealNetworks Inc. has released a second round of updates in less than a week for critical vulnerabilities in its RealPlayer, RealOne and HelixPlayer that could be exploited by an attacker to gain access to a system.

The second round expands the scope if the first advisory, addressing a different flaw in the way the players handle media files. Last week, the Seattle-based digital entertainment services vendor confirmed that attackers could exploit versions 10.5 and 11 beta of its popular media player to run malicious code on targeted machines.

This time versions 10.5 and earlier are affected, RealNetworks said in its updated advisory.

The problem is with boundary errors occurring when the players attempt to play various media files. An attack could be carried out when the victim visits malicious Web sites with Microsoft's Internet Explorer Web browser.

"We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities," RealNetworks said.

Danish vulnerability clearinghouse Secunia rated the flaw "highly critical," since an exploit can be carried out remotely.

Dig deeper on Securing Productivity Applications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close