AfterDawn: Tech news

Big security flaw found in RealPlayer -- patch available

Written by Petteri Pyyny (Google+) @ 06 Feb 2004 14:31

Big security flaw found in RealPlayer -- patch available Finnish security expert Jouko Pynnönen and British NGSSoftware have found a severe security vulnerability in RealNetworks' RealPlayer software.
The flaw can allow malicious access to user's PC. The flaw can be used by creating an amended RealMedia file and to use that file to cause a buffer overflow on user's PC. So, it is not possible to "attack" your RealPlayer, but if you open a RealMedia file from suspectible website or download one from the Net, it might contain alterations that allow exposing this security hole.

Luckily, RealNetworks has already issued a patch for the problem. Patch can be downloaded from here:

http://www.service.real.com/help/faq/security/040123_player/EN/

More information:

RealNetworks
TechWorld

Previous Next  
Comments have been disabled for this article.

News archive