RealPlayer spun round by series of bugs
Vulnerabilities allow for file deletion on your PC.
By Matthew Broersma | Techworld | Published: 12:59, 30 September 2004
eEye has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious Web page or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks.
Researchers have turned up a myriad of serious security flaws in client software over the past few weeks, and such bugs can be difficult to patch because of the sheer number of desktops in use. Recently vulnerabilities have been revealed in WinAmp, WinZip and Apple's iChat messaging program. A vulnerability in the way Windows software decodes jpeg images has already been exploited by specially crafted pictures.
The most serious of the three new bugs involves malformed calls, and could be exploited via a player embedded in a malicious site to execute arbitrary code. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows.
A second bug could also allow malicious code execution, but only via a local RM file, RealNetworks said. The bug affects several versions of RealPlayer and RealOne Player on Windows, Mac OS X and Linux.
The third bug allows a malicious website and malicious media files to delete files on a user's PC, if the attacker knows where the files are located. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows.
In an advisory, RealNetworks said it has received no reports of attacks using these vulnerabilities, but has issued patches for the affected software. Danish security firm Secunia gave the bugs a "highly critical" ranking.