RealPlayer Security Holes Fixed

Friday, May 18, 2012 @ 02:05 PM gHale


RealNetworks is warning users about multiple security vulnerabilities in its RealPlayer media player application for Windows.

None of the now fixed holes suffered an exploit that could compromise systems, company officials said.

RELATED STORIES
RealPlayer Patches Critical Holes
Safari Vulnerabilities Revealed
Mac Trojan Steals Passwords
Apple’s OS X Tightens Security

The released update, version 15.0.4.53 of RealPlayer, closes three security holes. One hole relates to ASM RuleBook parsing that an attacker could exploit to remotely execute arbitrary code, another is a memory corruption problem related to MP4 file handling in the QuickTime plugin used by RealPlayer, and the third is a buffer overrun in the Media parser.

RealPlayer Versions 11.0 to 11.1 and 14.0.0 to 15.0.3.37, as well as RealPlayer SP 1.0 to 1.1.5 suffer from the issue, while RealPlayer for Mac is not vulnerable.

RealPlayer 15.0.4.53 – available for Windows 7, Vista SP1 and XP SP3 – corrects these problems.

All users should upgrade to the latest version, officials said. An alternative option is to uninstall RealPlayer as very few sites use it exclusively.



Leave a Reply

You must be logged in to post a comment.