14 DAY TRIAL // Real Networks has released fixes for four vulnerabilities in the RealPlayer software. Two of them involve the overwriting of file systems through the simple accessing of a media file and allow an attacker to take control of your computer.
According to iDefense, the most dangerous flaw is found in the RealMedia format and allows hackers to control of the machine; it affects the RealPlayer versions for OS X, Windows and Linux.
Another flaw affects the majority of the RealPlayer software for Windows and uses Audio Video Interleaved (.avi) to Real media to overwrite the heap memory of the computer.
To take advantage of this flaw, the attacker needs a web page that contains a movie configured to start automatically.
RealNetworks also solved the flaws that allow an attacker to create an mp3 file which overwrites files from a system or executes ActiveX controls.