In association with heise online

17 May 2012, 12:02

RealPlayer update fixes security vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

RealPlayer logo

RealNetworks is warning users about multiple security vulnerabilities in its RealPlayer media player application for Windows; the company says that none of the, now fixed, holes are known to have been used to compromise systems.

The released update, version 15.0.4.53 of RealPlayer, closes three security holes. One hole is related to ASM RuleBook parsing that could be exploited by an attacker to remotely execute arbitrary code, another is a memory corruption problem related to MP4 file handling in the QuickTime plugin used by RealPlayer, and the third is a buffer overrun in the Media parser.

RealPlayer Versions 11.0 to 11.1 and 14.0.0 to 15.0.3.37, as well as RealPlayer SP 1.0 to 1.1.5 are affected; RealPlayer for Mac is not vulnerable. RealPlayer 15.0.4.53 – available for Windows 7, Vista SP1 and XP SP3 – corrects these problems. All users are advised to upgrade to the latest version. An alternative option is to simply uninstall RealPlayer as very few sites use it exclusively.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1578444
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit