RealTime IT News

Buffer Overflows Found in RealPlayer

A private security research firm on Thursday warned of a potentially critical security flaw in the RealPlayer software distributed by RealNetworks that could allow malicious hackers to hijack vulnerable computers.

According to an alert from U.K.-based NGS Software, the security flaw affects RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, standalone and as configured by the RealPlayer Enterprise Manager).

Independent security consulting firm Secunia rates the vulnerability as "highly critical."

The RealOne/RealPlayer software is considered among the most widely used media players, with an estimated user base of more than 200 million worldwide.

According to NGSSoftware, malicious hackers could craft malformed .R3T files to cause a stack based overruns in the media player. "By forcing a browser to a website containing such a file, code could be executed on the target machine running in the context of the logged on user, alternatively the end user would be required to open the .R3T file as a mail attachment," The company warned.

The Seattle-based RealNetworks confirmed the NGSSoftware findings but made it clear that users were only vulnerable if they had previously downloaded the specialized R3T plug-in. It said the newest RealPlayer 10 Gold was not vulnerable since the affected component was removed during installation.

The company issued an update to remove the buggy R3T plug-in and recommended that RealOne and RealPlayer apply the patch via the "Check for Update" option in the "Tools" menu of the media player.

It is not the first time RealNetworks have dealt with security concerns over the RealPlayer. Last April, the company plugged a heap corruption flaw that opened users to the risk of attacks using a specifically corrupted Portable Network Graphics (PNG) file. A successful exploit of that flaw could have allowed the execution of arbitrary code on a user's machine.

The latest security warning comes just one day after RealNetworks released a final version of RealPlayer 10, which is being hailed as the first free media player to playback content in every major media format.

RealNetworks said the new player, which comes with an embedded music store, allows playback of RealAudio, RealVideo, AAC, Windows Media, QuickTime MPEG-4 and MP3.

The new player has also been fitted with the ability to fast forward and rewind within streams without delay and to pause live streams.