A critical vulnerability has been discovered in RealPlayer, the software widely used to play media files on various operating systems. The flaw, in default installations of the software, would allow malicious code to be executed with little user interaction, according to security vendor eEye Digital Security.
eEye notified the vendor, RealNetworks, about the existence of the flaw on May 14. In keeping with its policy on disclosure, eEye has not released full details of the vulnerability and will do so only when RealNetworks issues a fix for the flaw. eEye has discovered a slew of high-risk flaws in software marketed by various vendors this year.