Security warnings have been released for two of the most popular digital media players - RealNetworks' RealOne player and Apple's QuickTime.
RealNetworks released an advisory warning that its flagship RealOne Player is at risk both on Windows and Mac OS X, as well as RealOne Player version 2 for Windows, RealPlayer 8 for Windows and Mac OS 9, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop.
The company warned that a maliciously corrupted Portable Network Graphicfile, viewable through a web browser, could cause 'heap corruption' and allow an attacker to execute arbitrary code on a system.
Experts are also warning of an unrelated vulnerability in Apple's QuickTime media player, where an exploitable buffer overflow could allow for the execution of arbitrary code.
Security firm iDefense released an advisory detailing how a URL containing more than 400 characters would overrun allocated space on the stack and allow arbitrary code to be slotted in.
"Any remote attacker can compromise a target system if he or she can convince a user to load a specially crafted exploit URL," the company said.
"Upon successful exploitation, arbitrary code can be executed under the privileges of the user who launched QuickTime."
QuickTime Player versions 5.x and 6.0 for Windows are vulnerable, but QuickTime for Mac OS is not. Apple has since released QuickTime 6.1, which patches the flaws on Windows.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago