Real Player critical patch for two vulnerabilities

Published: 2005-11-11
Last Updated: 2005-11-11 00:11:06 UTC
by Patrick Nolan (Version: 2)
0 comment(s)
RealNetworks has issued a critical patch for two vulnerabilities reported by eEye. The vulnerabilities affect a large number of RealNetworks' applications.

eEye RealPlayer Zipped Skin File Buffer Overflow II
"A RealPlayer skin file (.rjs extension) can be downloaded and applied automatically through a web browser without the user's permission."

eEye RealPlayer Data Packet Stack Overflow
"By specially crafting a malformed .rm movie file, a direct stack overwrite is triggered, and reliable code execution is then possible."

RealNetworks Update to Address Security Vulnerabilities.

0 comment(s)


Diary Archives