Buffer Overflows Patched in RealPlayer
Page 1 of 1
A buffer overflow vulnerability in RealNetworks'
flagship RealPlayer software could put millions of users at risk of PC
takeover, the company warned in an advisory.
The flaw, which carries a "high risk" rating, affects the RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8 and RealPlayer Enterprise.
eEye Digital Security, the company that discovered and reported the vulnerability to RealNetworks, said a remote attacker could overwrite heap memory with arbitrary data and execute malicious code via the digital media player.
"This specific flaw exists within the 'embd3260.dll' file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible," eEye said in an alert.
The company also warned of a RealPlayer boundary error when parsing URLs that can be exploited to cause a buffer overflow via a RAM file containing a specially crafted URL with a large number of period characters (".").
In a separate advisory, RealNetworks confirmed the existence of the security hole and released a patch to protect customers.
Buffer overflow attacks
Security consultants iDEFENSE also issued a related RealPlayer advisory with a warning that an attacker could place a .RAM file (RealPlayer Presentation) containing a maliciously constructed URL on a Web server and send an e-mail to the target with a link containing the file.
The security warnings come at a crucial time for RealNetworks,
which competes directly with Microsoft
for customers in the digital media delivery
Earlier this year, U.K.-based NGS Software warned of a potentially critical RealPlayer flaw that could allow malicious hackers to hijack vulnerable computers.
That flaw carried a "highly critical" rating.