Popular Internet media players from RealNetworks must be upgraded to fix multiple vulnerabilities. Errors in handling music and video files can lead to remote code execution or system compromise.
More than 350 million registered users, including enterprise employees, employ Internet media players like RealOne and RealPlayer. Jouko Pynnonen and other security researchers at NGSSoftware have discovered that these players have heap and buffer overflows when parsing media files, including RAM (RealAudio), RP (RealPix), RPM (RealAudio Plugin), RT (RealText) and SMIL (Synchronized Multimedia Integration Language) formats.
Malicious attackers can create media files that will cause overflows and possibly execute arbitrary code on the user's machine. The RPM file vulnerability may also allow the download and execution of arbitrary code on a user's system. The altered media files can reside passively on a remote Web site until a user clicks on them, or they can arrive as an e-mail attachment.
The vulnerability affects RealOne Player versions 1 and 2, RealPlayer 8 and 10, and RealOne Enterprise Desktop. RealPlayer suffered similar problems in April 2003 with PNG (Portable Network Graphics) format files. RealNetworks has supplied upgrades.