News Stay informed about the latest enterprise technology news and product updates.

Beware of RealPlayer ActiveX flaw

Danish vulnerability clearinghouse Secunia is warning of a newly discovered security hole in the massively used RealPlayer application. The “highly critical” flaw, disclosed by researcher Elazar Broad, is unpatched at this point.

“The vulnerability is caused due to an error within the RealPlayer ActiveX Control (rmoc3260.dll) when handling the ‘Console’ property,” Secunia said in its SA29315 advisory. “This can be exploited to cause a memory corruption and execute arbitrary code when a user e.g. is tricked into visiting a malicious website.”

Secunia confirmed the flaw in RealPlayer version 11.0.1 (build 6.0.14.794) including rmoc3260.dll version 6.0.10.45. Other versions may also be affected, the firm warned.

Until a patch is released, users are advised to set the kill-bit for the affected ActiveX control.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I know about this problem with Real Player and I've already unistalled. I think that Real Player must to recall this products.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close