Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > November 2005 > RealNetworks - Two Vulnerabilities

November 2005

RealNetworks - Two Vulnerabilities

ID: 01009
Ref: 947/2005
Date: 11 November 2005:14:44:44
Version: 1
Title: RealNetworks - Two Vulnerabilities
Abstract:
Vendors affected: RealNetworks
Operating systems affected: RealNetworks
Applications affected: RealNetworks
Title
=====

RealNetworks - Two Vulnerabilities


Detail
======

RealNetworks have released patches to fix two recently reported vulnerabilities
in some versions of the RealPlayer, RealOne, and Helix Player software for Windows,
Mac and Linux. The vulnerabilities are due to potential memory overflows in the
handling of RealPlayer skin files (.rjs) and Real Media files (.rm). It has been
reported that the overflows can be exploited for arbritrary code execution.

The patches can be found at the following URL:
http://service.real.com/help/faq/security/051110_player/EN/

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |