The vulnerability exists in a component of RealPlayer that processes user-supplied data in a SMIL file for use by RealPlayer. Attackers could format a SMIL file to take advantage of the hole and create a buffer overflow on the machine running RealPlayer that would allow them to run their own malicious code on the system, according to an advisory from security company iDefense.
Many versions of RealPlayer and RealOne Player are vulnerable to this security flaw, including versions for Windows, Mac and Linux.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.