Digital media delivery firm RealNetworks has issued a critical update to fix multiple security flaws in its media player software.
The flaws, described by Secunia as "highly critical," could allow malicious hackers access to manipulate data or hijack a vulnerable system. Affected software includes the RealOne Player, RealPlayer and Helix Player. RealNetworks said in an advisory that users should apply fixes for all three affected products.
RealNetworks said the most critical flaw could allow an attacker to create an RM (Real Media) file to corrupt the media player when run from a local drive. A successful exploit might allow an attacker to execute harmful code on a user"s machine, the company warned. Attackers could also build a Web page with malformed calls to corrupt the embedded player and download executable code on a vulnerable machine.