Security patches issued for RealPlayers - News - Security

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

Security patches issued for RealPlayers

By Dawn Kawamoto, CNET News.com
March 04, 2005
URL: http://www.zdnet.com.au/news/security/soa/Security-patches-issued-for-RealPlayers/0,130061744,139183327,00.htm

RealNetworks has released a patch for its popular audio-video players in an effort to prevent attacks via buffer overflows.

RealNetwork's patches address vulnerabilities in the software that would allow an attacker to run arbitrary or malicious code on a person's computer when a malicious WAV or SMIL file is processed.

Secunia, a security information company, rated the vulnerabilities as "critical."

RealNetworks released updates on Tuesday for flaws in the Mac RealPlayer 10 and these Windows players: RealPlayer 10.5, RealPlayer 10, RealPlayer Enterprise and certain versions of RealOne Player v2.

Upgrades are required for Windows players RealOne Player v1, RealPlayer 8 and certain versions of RealOne Player v2. Upgrades are also needed for the Mac RealOne Player, Linux RealPlayer 10, and the Helix Player for Linux.

Another flaw was discovered in the players in October. That vulnerability could have allowed an attacker to create fake movie files that would run a program on victims' computers.