RealPlayer flaw raises security flags

Be wary of unknown files, say experts

Shaun Nichols in California

vnunet.com, 07 Jan 2008

Security experts are warning users to be vigilant after the disclosure of a new security vulnerability in RealPlayer.

The flaw could allow an attacker to remotely execute code on a victim's machine.

Advertisement

Security researcher Evgeny Legerov originally posted the vulnerability on New Year's Day, but did not specify the exact nature of the flaw.

Secunia reported in an advisory that the problem is in fact a buffer overflow error. If exploited, the error could cause an application crash which would give an attacker the ability to execute code.

Buffer overflow errors are often used by attackers to install malware. Secunia advises users to avoid opening untrusted files or visiting suspicious websites.

Security firm Sans Institute also urged users to avoid suspicious files and sites, and recommends that system administrators block access to a pair of domains which have shown a history of exploiting RealPlayer flaws.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Attackers feast on Real Player flaw

Real promises to patch hole as soon as possible

RealPlayer 11 allows online video capture

Users can download clips and burn them to CD or DVD

Microsoft and Real agree $761m settlement

New partnership ends antitrust battle

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk Information Overload Summit starts today

We've finally cut the ribbon on V3.co.uk's inaugural Summit event...

rich media

Summit: Is the ECM industry up to the information overload challenge?

In part one of our report, we talk to EMC...

hacker

Summit: UK 'in danger of being left behind' on security

Experts warn behavioural monitoring is essential to protect sensitive data

Apple Magic Mouse

Review: Apple Magic Mouse

Multi-touch makes an appearance on Apple's latest mouse

Primary Navigation