GoFuckYourself.com - Adult Webmaster Forum - View Single Post

KRL · 10-01-2004, 03:26 PM

EEye Digital Security has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious Web page or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks.

The most serious of the three new bugs involves malformed calls, and could be exploited via a player embedded in a malicious site to execute arbitrary code. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows.

A second bug could also allow malicious code execution, but only via a local RM file, RealNetworks says. The bug affects several versions of RealPlayer and RealOne Player on Windows, Mac OS X, and Linux.

The third bug allows a malicious Web site and malicious media files to delete files on a user's PC, if the attacker knows where the files are located. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows.

10-01-2004, 03:26 PM
KRL Entrepreneur Join Date: Oct 2002 Location: USA Posts: 31,429	Real Player Security Exploits EEye Digital Security has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious Web page or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks. The most serious of the three new bugs involves malformed calls, and could be exploited via a player embedded in a malicious site to execute arbitrary code. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows. A second bug could also allow malicious code execution, but only via a local RM file, RealNetworks says. The bug affects several versions of RealPlayer and RealOne Player on Windows, Mac OS X, and Linux. The third bug allows a malicious Web site and malicious media files to delete files on a user's PC, if the attacker knows where the files are located. This bug affects RealPlayer versions 10, 10.5, as well as RealOne Player v1 and v2 on Windows. __________________ If you would like to develop your domains, you can lease inexpensive foreign labor from the leaders in the field at iWebmasters.com TO LOWER YOUR COSTS AND INCREASE YOUR PRODUCTION! * * * * * * * * * * * * Domains Adult News KRL's Newsletter Biz Tips Just Listed Domains