SCF Advanced Search

  • Total Posts: 40153
  • Total Topics: 14262
  • Online Today: 834
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: RealNetworks Patches Four Critical Bugs in Multimedia Player  (Read 2046 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

RealNetworks has issued four critical patches for several versions of its RealPlayer running on Windows, Linux and Apple's Mac OS X.

The flaws could allow a hacker to run malicious code on a PC or cause the computer to reveal information, according to an advisory from Secunia, a security vendor based in Denmark.

RealPlayer is an application that plays audio and video streamed over the Internet.

RealNetworks has published a table detailing which vulnerabilities affect certain player versions on the different platforms. Some users will need to download an entire new version of the application, while others may be able to just download patches.

One of the problems involves the handling of frames in SWF (Shockwave Flash) files due to a design error, which can cause a heap-based buffer overflow, Secunia said.

Another problem causes a stack-based buffer overflow when a media file is imported using an ActiveX control, Microsoft's technology that adds extra functionality to Web pages.

A third flaw is described by RealPlayer as allowing local resources to be accessed. The fourth also involves ActiveX, where a timing issue with "Controls", "Console", or "WindowName" properties can be maliciously manipulated to corrupt RealPlayer's memory, Secunia said.

Secunia ranked the flaws as "highly critical," the vendor's second-highest ranking of risk. The flaws were found by Peter Vreugdenhil, Elazar Broad, Dyon Balding of Secunia and another anonymous researcher, Secunia said.

News Source: PC World

Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising