Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Scroogle Search: 
Search
 
Web p2pnet   
   Search: 
Search
Torrent Site Tracker
    Sponsored by
Frostwire
 
p2pnet
 


mp3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

‘Highly critical’ RealPlayer problem

p2pnet news | Music:- If you use RealNetworks RealPlayer, be warned.

Another highly critical security hole has been reported.

In October, 2007, "A couple of years back it [RealPlayer] was being hit with one security problem after another," p2pnet posted, continuing:

"Now, hackers are actively exploiting an in-the-wild zero-day hole in RealNetworks’ RealPlayer media player with people using Microsoft Windows, says Symantec."

The vulnerability was hitting the latest versions of RealPlayer and RealPlayer 11 BETA and affects an ActiveX object in the RealPlayer component ierpplug.dll.

Now, "Evgeny Legerov has reported a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user’s system," says Secunia, going on:

"The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow."

Successful exploitation allows execution of arbitrary code, says the post, adding the vulnerability has already been reported in version 11 build 6.0.14.748 but, "Other versions may also be affected," says Secunia.

Solution?

Don’t open untrusted media files or browse untrusted websites.

SlashdotSlashdot it! Add to Technorati Favorites

Also see:
in-the-wild zero-day hole – Realplayer exploit exploited, October 22, 2007
Secunia – RealPlayer Unspecified Buffer Overflow Vulnerability, Januarey 3, 2008

Use free p2pnet newsfeeds for your site. It’s really easy!

Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php

Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details. Download here.

This entry was posted on Thursday, January 3rd, 2008 at 12:05 pm and is filed under Music. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

HOME

Viewed 3144 times

« previous Are YOU an Obama geek?
‘Harry Potter’ specs go to a good cause next »

5 Responses to “‘Highly critical’ RealPlayer problem”

  1. Reader's Write Says:
    January 3rd, 2008 at 1:31 pm

    The solution is not to use Realplayer. Not only have they had continual problems with security but the spyware is bad enough on its own. While they do have some good codec for making the files smaller, the codec by itself is not usable without the player.

    I long ago gave up on Realplayer as well as the Windows MediaPlayer both for reasons of spyware. Mediaplayer for win also because since version 9 it is not totally uninstallable once installed. Parts are left behind on purpose in your system making it a continuing security nightmare even if you just install it and then uninstall it.

    Thank you but I will continue to use QCD which I have found to be dependable, removable, and without tons of spyware. Nor do I allow the player to connect to Gracenote.

  2. Why realplayer? Says:
    January 3rd, 2008 at 1:46 pm

    Who uses that outmoded player anymore anyways?? Go get VLC media player, which will play RealVideo/Audio, Quicktime (so no more having to install iTunes in order to install the QT player), and a whole slew of other formats, all for free, with no security problems!

  3. Andrey Says:
    January 3rd, 2008 at 3:41 pm

    Seriously, I use VLC unless the video has weird codecs, then I use mplayer.

  4. RealBadPlayer Says:
    January 4th, 2008 at 11:45 am

    RealPlayer is a ‘Highly critical’ problem. Always has been. Don’t use it.

  5. VLCforever Says:
    January 7th, 2008 at 6:34 pm

    Andrey is crazy, VLC will play ANYTHING!!

Leave a Reply

ONLY items referencing the post at hand, please. No links to personal sites, no personal attacks, trolling, freebie advertising, or off-topic posts. Thanks. And Cheers!

    Sponsored by
tek savvy