RealNetworks patches flaws in media player

Security flaws in RealNetworks' media player software could allow attackers to run arbitrary code on a user's computer, the...

Published: 26 Nov 2002 12:02

Security flaws in RealNetworks' media player software could allow attackers to run arbitrary code on a user's computer, the company warned last week.

Three vulnerabilities exist in the Windows versions of the RealOne Player and RealPlayer, according to a statement on RealNetworks' Web site.

By encouraging a RealOne or RealPlayer user to download a malformed file, an attacker could run code of their choice on a user's system, according to a security advisory sent by Next Generation Security Software to the NTBugtraq mailing list.

Next Generation Security Software said it discovered the flaws and informed RealNetworks on 1 November. It is common for security firms to release their own bulletin after the software maker fixes the problem.

RealNetworks recommends that users install a patch to fix the software, although there are no reports so far of attacks using the exploit.

Click here for the Next Generation Security Software advisory.

Read more on Antivirus, firewall and IDS products

All
News
In Depth
Opinion
Photo Stories
Videos

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

SearchCIO

OT security brings new challenges in the age of IoT

We're diving into the IoT security challenges CIOs need to be aware of as a result of integrating OT devices, which often work in...
The changing role of the CIO

The shift to a digital economy is dramatically changing the role of the CIO, from trusted IT operator to business strategist.
Book excerpt: Communication structures of an organization

The following is an excerpt from 'Team Topologies: Organizing Business and Technology Teams for Fast Flow,' by Matthew Skelton ...

SearchSecurity

DerbyCon panel discusses IT mistakes that need to stop

Common security risks can be mitigated or prevented, according to a panel at DerbyCon. But users need to feel empowered to speak ...
What it takes to be a DevSecOps engineer

To address security early in the application development process, DevSecOps requires a litany of skills and technology literacy. ...
FBI says $26B lost to business email compromise over last 3 years

On the same day that 281 suspects were arrested in business email compromise stings, the FBI said worldwide losses from BEC ...

SearchNetworking

F5 Networks updates NGINX Application Platform, other tools

Updates include improved security and observability features, a new developer portal, API importing and improved analytics and ...
Legacy tools encumber modern network infrastructure monitoring

Many IT teams still use older monitoring tools that provide limited visibility across multiple network environments. AI and ...
CenturyLink acquires Streamroot, adding P2P CDN capabilities

Peer-to-peer content delivery network technology from Streamroot will enable CenturyLink to reach underserved areas and offer ...

SearchDataCenter

IBM z15 mainframe secures data across multi-cloud environments

IBM unveiled the latest in its line of mainframes capable of processing 1 trillion web transactions a day. The IBM z15 ...
Data center management as a service launches DCIM to the cloud

DMaaS is an option for organizations that want to use cloud-based management. Though these offerings hold a lot of promise, there...
Decrease legacy hardware security gaps

Dated infrastructure poses security threats to organizations -- especially with the amount of sensitive data used today. Address ...

SearchDataManagement

Amazon Quantum Ledger Database brings immutable transactions

Based on technology built internally at Amazon, the tech giant's newest database provides a centralized approach for enabling a ...
Stibo Systems advances multidomain MDM system

The new Stibo Systems 9.2 update expands the MDM platform's features with Sisense business intelligence integration and machine ...
Cloudera Data Platform to debut, as big data fortunes waver

The interim CEO of Cloudera is cautiously optimistic about growth prospects as the big data vendor acquired Arcadia Data and ...

Close