Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Real Player - Critical Security Updates

Real Customer Support  If you use Real Player or Rhapsody, there are critical security updates that should be applied as soon as possible.

http://service.real.com/realplayer/security/03162006_player/en/

RealNetworks is making available product upgrades that contain security bug fixes. We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities.

http://secunia.com/advisories/19358/

Some vulnerabilities have been reported in various RealNetworks products, which can be exploited by malicious people to compromise a user's system.

1) A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.

2) A boundary error within the handling of web pages can be exploited via a specially crafted web page on a malicious server to cause a heap-based buffer overflow. This may allow execution of arbitrary code on the user's system.

3) A boundary error in the processing of MBC files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system.