Flaws Found in RealNetworks Media Player

Two flaws in RealNetworks' popular RealPlayer could let attackers
commandeer Windows computers running the software, eEye Digital
Security has warned.

The vulnerabilities affect RealPlayer on all versions of
Windows, according to two short advisories that eEye published
Thursday. To exploit the flaws, an attacker would craft a special media
file and host it on a Web site or trick a user into opening it, Steve
Manzuik, security product manager at eEye, said Friday.

"I don't think there is an immediate risk to users. We have no evidence of others knowing or exploiting the flaw," Manzuik said. Researchers at eEye told RealNetworks about one of the flaws on Nov. 16 and reported the second on Nov. 30,
according to the advisories. eEye regards a patch as "overdue" 60 days
after it has reported a vulnerability, so RealNetworks has some time to
come up with a fix for the bugs.

News source: C|Net News.com

Report a problem with article
Next Article

Adobe's Macromedia Takeover Clears Final Hurdle

Previous Article

EA Sued Over Feature in 'Madden NFL 06' Video Game

Join the conversation!

Login or Sign Up to read and post a comment.

-1 Comments - Add comment