main

US-CERT warns of flaw in latest RealPlayer

Daniel Fleshbourne   on 03 January 2008 - 09:56 · 13 comments & 7674 views

Advertisement (Why?)
US-CERT is warning computer users of a possible problem with the latest version of RealPlayer after a Russian security company claimed to have found a way to exploit a critical flaw in the multimedia software. US-CERT (United States Computer Emergency Readiness Team) published its warning on Wednesday, the day after Gleg chief technology officer Evgeny Legerov announced the exploit code in a posting to the Daily Dave security discussion list.

The flaw affects the latest version 11 of RealPlayer running on Windows XP, service pack 2, according to Gleg. A Flash demonstration of the vulnerability has been posted to the Gleg Web site, but the company has not released its attack code or any technical details of the flaw. Legerov discovered the flaw, called a stack overflow bug, during an audit of the RealPlayer source code, he said via e-mail.

View: The full story @ Infoworld

Share this Article

About the Author

Full name: Daniel Fleshbourne
User name: Daniel
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

Post a comment · Send to friend Comments · There are 13 additional comments
(3 replies) #1 subcodec on 03 Jan 2008 - 12:54
Do people actually use Realplayer nowadays???
#1.1 +Obi Wong on 03 Jan 2008 - 14:19
Quote - (subcodec said @ #1)
Do people actually use Realplayer nowadays???


ya i'm surprised it's been around for this long
#1.2 Angel Blue01 on 03 Jan 2008 - 18:24
Unfortunatly I've got Real media saved from when RealPlayer was popular, and a lot of Web sites provide only Real media, besides its available for Linux WMP and others are not
#1.3 ghos on 03 Jan 2008 - 22:17
There are other programs which can play realmedia just fine. Real Alternative is one of the best. Also discovered J River Media Center can play them but I'm sure there are others.
I have despised Real Player since they went to the Real One interface. It just takes over your system, you'd think they would have learned by now.
#2 Xilo on 03 Jan 2008 - 13:41
When has a version of Realplayer NOT had flaws?
#3 X'tyfe on 03 Jan 2008 - 15:08
lol does any actually care?
#4 Roger2 on 03 Jan 2008 - 16:15
A flaw in RealPlayer... never.
#5 +Kushan on 03 Jan 2008 - 16:55
Realplayer has had the same flaw in it for years that Real just hasn't fixed, the flaw being that it SUCKS.
#6 shakey on 03 Jan 2008 - 18:55
the flaw is that its horrible software that people need to get rid of.
#7 sLm4ever on 03 Jan 2008 - 20:12
some stupid new PC users are still using it ... maybe because some stupid PC makers are putting it there with the new PCs ...
#8 ghos on 03 Jan 2008 - 22:19
People use it because they don't know or aren't aware there are alternatives. I go to some IRC rooms that stream and they promote the use of Real Player. They don't understand how it takes over their system, but then again many users really don't have much of a clue as to how their computer works so if a program takes over they don't notice it.
#9 Doli on 03 Jan 2008 - 22:20
People have nothing better to do but say Real sucks. RealPlayer is alot better now than what it used to be and OMG a program with a flaw in it this never happends for other programs (looking at WMP's little white line in the top corner right now)
#10 r3drum on 04 Jan 2008 - 10:58
Corporate SPAM. I remember when some Adult *action* sites used this as there default player for streaming media.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.879) © 2000 - 2008 Neowin.net