Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

The bug allows malware writers to potentially change heap blocks, which limit the amount of memory that can be stored, to overwrite certain registers, researcher Elazar Broad said today on the website for Neohapsis, a risk and security consultancy. Exploiting the flaw could result in the execution of malicious code.

RealPlayer uses an ActiveX control to play content inside a user's browser. The affected control is rmoc3260.dll version 6.0.10.45, Broad said.

In lieu of a fix, users are encouraged to set the kill bit for the control, he said.

A spokesman for RealPlayer, owned by Real Networks, did not immediately respond to a request for comment.

See original article on scmagazineus.com

Bendigo Bank taps Google Cloud for first major AI project

DTA plans 'register' of providers that underperform on gov tech projects

The NRL BI project that accidentally became a product

CBA's group CIO of three years to exit in December

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Optus takes $826,000 hit for anti-scam breaches

Australia's AUKUS base to connect to subsea cables

Australia, US and UK sanction Russian cyber firms over ransomware links

JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack

Most popular tech stories

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

NSW DPHI's latest digital transformation driven by housing reforms

Ticketek picks Google's Vertex AI for Stella web bot

RBA to overhaul source-to-pay

Qantas builds digital and AI centre in Adelaide

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Axis Communications opens experience centre in Sydney tech hub

Perth IoT vendor Digital Matter names new chief executive

Govt launches consumer tech label program for smart devices

Bendigo Bank taps Google Cloud for first major AI project

DTA plans 'register' of providers that underperform on gov tech projects

The NRL BI project that accidentally became a product

CBA's group CIO of three years to exit in December

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Optus takes $826,000 hit for anti-scam breaches

Australia's AUKUS base to connect to subsea cables

Australia, US and UK sanction Russian cyber firms over ransomware links

JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack

Most popular tech stories

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

NSW DPHI's latest digital transformation driven by housing reforms

Ticketek picks Google's Vertex AI for Stella web bot

RBA to overhaul source-to-pay

Qantas builds digital and AI centre in Adelaide

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Axis Communications opens experience centre in Sydney tech hub

Perth IoT vendor Digital Matter names new chief executive

Govt launches consumer tech label program for smart devices

Log In