Jump to content

Realplayer/realone Vulnerability


Recommended Posts

Secunia writes:

Description:

Piotr Bania has reported a vulnerability in Realplayer and RealOne, which can be exploited by malicious people to compromise a user's system.

 

The vulnerability is caused due to a boundary error when processing RAM files and can be exploited to cause a buffer overflow via a specially crafted RAM file.

 

Successful exploitation allows execution of arbitrary code.

 

The vulnerability affects the following products:

* RealPlayer 10.5 (6.0.12.1040-1059)

* RealPlayer 10

* RealOne Player v2

* RealOne Player v1

* RealPlayer 8

* RealPlayer Enterprise

* Mac RealPlayer 10 (10.0.0.305 - 331)

* Mac RealOne Player

* Linux RealPlayer 10 (10.0.0 - 3)

* Helix Player (10.0.0 - 3)

 

Solution:

Apply patches.

 

RealOne / RealPlayer for Windows and Mac:

Patches are available via the "Check for Update" feature.

 

RealPlayer Enterprise:

http://docs.real.com/docs/pnen3260.dll

 

RealPlayer 10 for Linux:

http://www.real.com/linux

 

Helix Player for Linux:

http://player.helixcommunity.org/downloads/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...