Home arrow US-CERT Computer Emergency Readiness Team arrow RealPlayer Releases Update

RealPlayer Releases Update

RealNetworks has released an update to address multiple vulnerabilities in RealPlayer. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. RealNetworks identifies the vulnerabilities as the following:

  • RealPlayer ActiveX controls property heap memory corruption.
  • Local resource reference vulnerability in RealPlayer.
  • RealPlayer SWF file heap-based buffer overflow.
  • RealPlayer ActiveX import method buffer overflow.
US-CERT encourages users to review the RealNetworks advisoryadvisory and apply the appropriate updates to help mitigate the risk.

Read more: US-CERT Current Activity