FYI...
- http://service.real....0610_player/EN/
Updated June 10, 2004
"...Affected Software:
This issue affects the following Windows products:
RealOne Player (English)
RealOne Player v2 (all languages)
RealPlayer 10 (English, German and Japanese)
RealPlayer 8 (all languages)
RealPlayer Enterprise (all versions, standalone and "as configured" by the RealPlayer Enterprise Manager)
Workaround:
To ensure that your Player is protected, we recommend installing the available updates..."
(Thanks to T-Zero at NI for the wake-up call)

RealPlayer Update - Security Vuln/fix available!
Started by
AplusWebMaster
, Jun 11 2004 05:48 AM
1 reply to this topic
#2
Posted 14 June 2004 - 05:05 PM
FYI...
- http://searchsecurit...i969919,00.html
12 Jun 2004
(RealNetworks has recommended that users of its RealOne Player and RealPlayer softwares upgrade in order to avoid a high severity flaw that could allow a remote attacker to execute arbitrary code. The two media players are the most widely used softwares for Internet media delivery, with over 200 million users worldwide. The flaw lies in a core RealPlayer component, making all versions vulnerable, whether the free version for home users or the Enterprise edition. A malformed .ra, .rm, .rv, or .rmj file can be delivered through malicious weblinks or e-mail to corrupt the heap and execute code with the security privileges of the logged-on user.)
>>> - http://service.real....0610_player/EN/
- http://searchsecurit...i969919,00.html
12 Jun 2004
(RealNetworks has recommended that users of its RealOne Player and RealPlayer softwares upgrade in order to avoid a high severity flaw that could allow a remote attacker to execute arbitrary code. The two media players are the most widely used softwares for Internet media delivery, with over 200 million users worldwide. The flaw lies in a core RealPlayer component, making all versions vulnerable, whether the free version for home users or the Enterprise edition. A malformed .ra, .rm, .rv, or .rmj file can be delivered through malicious weblinks or e-mail to corrupt the heap and execute code with the security privileges of the logged-on user.)
>>> - http://service.real....0610_player/EN/
.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.