RealNetworks
RealNetworks has issued a RealPlayer security advisory

RealPlayer gets security fix

Four vulnerabilities patched

Shaun Nichols in San Francisco

vnunet.com, 29 Jul 2008

RealNetworks has issued a new security advisory for its RealPlayer multimedia player.

The advisory addresses four vulnerabilities which could be exploited by an attacker to remotely execute code on a vulnerable system.

Advertisement

Two of the flaws target ActiveX vulnerabilities, and both could allow an attacker to remotely execute code.

ActiveX controls are used by Internet Explorer to interact with third-party applications.

The other two flaws include a vulnerability in the handling of SWF files and a flaw described by the company as a "local resource reference" vulnerability.

Version 10.5 and earlier of the Windows version of RealPlayer are vulnerable to all four flaws, while the 11.0.0 versions are vulnerable only to one of the ActiveX flaws. Mac and Linux versions of RealPlayer 10 are vulnerable to the SWF flaw.

Users are advised to update to the most recent version of RealPlayer 11 on all three platforms.

None of the four vulnerabilities affects the Rhapsody 4 software, nor any of Real's mobile handset software offerings.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Do you agree?

Have your say on this article

Further reading

RealPlayer flaw raises security flags

Be wary of unknown files, say experts

Attackers feast on Real Player flaw

Real promises to patch hole as soon as possible

RealPlayer 11 allows online video capture

Users can download clips and burn them to CD or DVD

Blinkx wades further into online video

New platform offers contextual online video advertising

Related whitepapers

Related jobs

Most watched

Summit video: Intel discusses processors designed for data overload (part one of two)

Intel explains how its Xeon processors can handle data-intensive apps

Summit: Intel discusses processors for data overload (part 2 of 2)

More thoughts on how servers can help manage overload

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

deloitte

Summit interview: Deloitte discusses security implications of the data deluge

We chat to Mike Maddison, UK head of Security, Privacy...

ibm logo

IBM boosts mobile shopping with WebSphere Commerce

Update designed to give mobile users a richer, more personalised...

Summit: Intel discusses processors for data overload (part 2 of 2)

More thoughts on how servers can help manage overload

chrome logo

Google plans a Mac version of Chrome

A Mac-friendly version of the browser is in the pipeline

Primary Navigation