Lasse Penttinen
2 Apr 2003 11:15
These well known multimedia player softwares are used by many people, especially for Internet streaming. According to the source some fairly serius security issues have been discovered in these products.
The vulnerabilities have cropped up in RealNetworks' RealPlayer and Apple Computer's QuickTime. While unrelated, the weak spots could allow an intruder to execute damaging arbitrary code on a victim's computer. In both cases, updates are available to remedy the problem.
Security experts are increasingly concerned about hackers exploiting digital media players, which are designed to accept Web addresses and scripts--a key route for self-propagating, hostile code.
The vulnerabilities of RealPlayer are present in all versions above v8, on the Windows and Macintosh platforms. Also the RealOne player is affected, but the open-source Helix client is not. In QuickTime the issues are present in version 5.0 -> 6.0, but the fresh 6.1 promises to fix things.
News.com