Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Advisories

Advisories

Unpatched RealPlayer = Your Worst Nightmare

The application is once again vulnerable to attacks

By Bogdan Popa, Security and Search Engines Editor

3rd of January 2008, 18:14 GMT

Adjust text size:


RealPlayer in action
Enlarge picture
RealPlayer has always managed to remain in the spotlight, but not only with good things as the applications has been often the subject of security advisories published on the web. Today, it's the time. It's the time when RealPlayer is once again vulnerable to attacks and it seems like this time, it may be a serious one. Security company
Secunia published a notification entitled "RealPlayer Unspecified Buffer Overflow Vulnerability", stating that it can be easily used to compromise an affected computer.

"The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow. No further information is available. Successful exploitation allows execution of arbitrary code", Secunia wrote in the advisory.

It seems like the only affected version is RealPlayer 11 build 6.0.14.748. US-CERT also published a security alert informing the users that they were "aware of a public report stating that working exploit code is available for RealPlayer."

Obviously, RealNetworks, the creators of the application, has been informed about the vulnerability and started an investigation on the report. The developers claim that a Russian security company discovered the exploit and published it on the web, which is pretty dangerous for all the RealPlayer users. "It seems they just wrote a script and decided to post it and say, 'Hey, we can do this'," Ryan Luckin, a RealNetworks spokesman, told SCMagazineUS.com.

In case you're one of those affected users, you're probably looking for a solution to avoid a potential exploitation and remain secure while using the program. Until an official fix released by the RealPlayer developers, you're advised to avoid opening "untrusted media files or browse untrusted websites", as Secunia mentioned in the security notification.

If you'd like to download the latest version of RealPlayer, you can take it straight from Softpedia using this link.

TAGS:

 security | vulnerability | realplayer | flaw


Rating:
Good (3.0/5) 6 vote(s) so far    

Read by 556 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


iTunes Goes After RealPlayer

RealPlayer to Bring YouTube Ripping

RealPlayer: First, It Was a YouTube Partner. Now, It's a Rival!

Real News: RealPlayer Harmed by Real Flaw!

Let Me Introduce You to the First Windows XP Christmas Infection

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive