RealNetworks Releases A Real Patch
RealNetworks, makers of the much-discussed Real Player, have released a patch addressing a number of security issues related to the media player.
Amongst other fixes, the patch addresses a vulnerability allowing malicious users to execute code on players by using harmful sound files. Real offers this description:
Exploit 1: To fashion a malicious WAV file to cause a buffer overflow which could have allowed an attacker to execute arbitrary code on a customer’s machine.
Exploit 2: To fashion a malicious SMIL file to cause a buffer overflow which could have allowed an attacker to execute arbitrary code on a customer’s machine.
These vulnerabilities have been rated as critical.
Patches have been developed for the various operating system environments, including Linux and Mac. Download the applicable patch here.
WebProNews | Breaking eBusiness News
Your source for investigative ebusiness reporting and breaking news.