Real patches critical RealPlayer vulnerabilities
updated 11:00 am EDT, Mon July 28, 2008
RealPlayer vulnerabilities
Real has fixed four "highly critical" security issues spread across the Mac, Windows and Linux versions of RealPlayer, according to a Secunia report. While two of the vulnerabilities are Windows-only, in that they relate to ActiveX controls, at least one is known to be universal. In this a design flaw is said to exist within the handling of frames in Shockwave Flash files, which in an unpatched copy of the software, could be used to create a heap-based buffer overflow.
The last vulnerability is described only as an "unspecified error," which could be used to "reference local resources." Affected Mac versions of RealPlayer include v10 and v10.1; both Secunia and Real recommend upgrading to v11 to solve the problem.
Real?
07/28, 01:03pm reply
What is Real Player?
dlstarr7
Fresh-Faced Recruit
Joined: Sep 2003
re: Real?
07/28, 02:06pm reply
Real is a commercial company that produced proprietary formats for audio and video content on the Internet. It is a longtime competitor for QuickTime and Windows Media in the area of Internet-based media content. You may find its website here:
http://www.real.com/
MacScientist
Fresh-Faced Recruit
Joined: Feb 2000