RealNetworks has issued fixes for four critical vulnerabilities in its RealPlayer program.
The patches cover bugs that affect RealPlayer versions 10 and 11 and RealPlayer Enterprise, a configurable version that is customised for use in corporations.
The vulnerabilities are ranked "highly critical" by tracking firm Secunia. One of the flaws can be exploited to cause a heap-based buffer overflow when processing a malicious Shockwave Flash file (SWF).
The bug is the only of the four that affects RealPlayer for Windows, Mac and Linux platforms.
The other flaws relate to an ActiveX control error, which can cause a heap memory corruption; an unknown local resources error; and an ActiveX error, which can be exploited to launch a stack-based buffer overflow.
RealNetworks, in an advisory, recommends users upgrade their products to the latest version.
See original article on scmagazineus.com
Four fixes shipped for "critical" RealPlayer holes
By
Dan Kaplan
on Jul 29, 2008 11:26AM
RealNetworks, maker of RealPlayer, has issued an update to address four serious bugs.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Promoted Content
Albemarle cuts e-waste, capex spend "substantially" by hiring rather than buying
Promoted Content
Do you know where your data sleeps at night?
Modular computing is helping businesses think bigger without having to go bigger
Promoted Content
Kick the tyres of AI systems using real world data at #BuildWithAI Hack 2021
Sponsored Whitepapers
The CISO View 2021 Survey: Zero Trust and Privileged Access
How and why to backup your Office 365 tenant
ForgeRock for Australia’s Trusted Digital Identity Framework (TDIF)
How engineering has been operating in the dark and what to do about it
The Top Six Digital Transformation Trends Shaping Business and Society
