Tue, Jul 29 2008 7:25
RealPlayer Releases Update
RealNetworks has released an
update to address multiple vulnerabilities in RealPlayer. These
vulnerabilities may allow an attacker to execute arbitrary code or
obtain sensitive information. RealNetworks identifies the
vulnerabilities as the following:
- RealPlayer ActiveX controls property heap memory corruption.
- Local resource reference vulnerability in RealPlayer.
- RealPlayer SWF file heap-based buffer overflow.
- RealPlayer ActiveX import method buffer overflow.
US-CERT encourages users to review the RealNetworks advisory and apply the appropriate updates to help mitigate the risk.
Filed under: Alerts