Spotlight news

RealNetworks patches player bugs for OS X

The flaws could allow a hacker to execute malicious code on a PC or cause the computer to reveal information, as indicated in a report from Secunia.

RealPlayer is an application that plays audio and video broadcast over the Internet.

RealNetworks has published a table detailing which vulnerabilities affect certain versions of the player on different platforms. Some users will need to download a new version of the application, while others will only need to download the patches.

One of the problems is related to the handling of frames in SWF (Shockwave Flash) files due to a design error and that can cause a buffer overflow, as Secunia indicates.

Another problem causes a buffer overflow when a media file is imported by using an ActiveX control, Microsoft technology that adds additional functionality to web pages.

The third flaw is described by RealPlayer as the ability to access local resources. The fourth of these failures is also related to ActiveX, where a time problem related to the “Controls”, “Console” or “WindowsName” properties can be maliciously manipulated to corrupt RealPlayer’s memory, as Secunia has indicated .