Real Player - Critical Security Updates - Security Protection

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Real Player - Critical Security Updates

If you use Real Player or Rhapsody, there are critical security updates that should be applied as soon as possible.

http://service.real.com/realplayer/security/03162006_player/en/

RealNetworks is making available product upgrades that contain security bug fixes. We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities.

http://secunia.com/advisories/19358/

Some vulnerabilities have been reported in various RealNetworks products, which can be exploited by malicious people to compromise a user's system.

1) A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.

2) A boundary error within the handling of web pages can be exploited via a specially crafted web page on a malicious server to cause a heap-based buffer overflow. This may allow execution of arbitrary code on the user's system.

3) A boundary error in the processing of MBC files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.

Posted: Mar 23 2006, 03:16 PM by Harry Waldron | with no comments

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.