By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Three vulnerabilities exist in the Windows versions of the RealOne Player and RealPlayer, according to a statement on RealNetworks' Web site.
By encouraging a RealOne or RealPlayer user to download a malformed file, an attacker could run code of their choice on a user's system, according to a security advisory sent by Next Generation Security Software to the NTBugtraq mailing list.
Next Generation Security Software said it discovered the flaws and informed RealNetworks on 1 November. It is common for security firms to release their own bulletin after the software maker fixes the problem.
RealNetworks recommends that users install a patch to fix the software, although there are no reports so far of attacks using the exploit.
Click here for the Next Generation Security Software advisory.