RealNetworks has patched two highly critical holes in its media player. The bugs could allow an attacker to run malicious code by directing users to a specially-crafted Web page, via an email message for example, according to security experts. RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8, and RealPlayer Enterprise are all affected. The company has released updates fixing the problem for all except RealPlayer 8; the patches are available by using the software's built-in updating mechanism, as described in Real's advisory. RealPlayer 8 users are recommended to upgrade to RealPlayer 10.
"While we have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks," the company says in a statement. The first bug, discovered by eEye Digital Security's Karl Lynn, involves a file called embd3260.dll. A problem with the way the file generates error messages means that an attacker could use a malformed movie file embedded in a Web page to execute malicious code on a user's PC. "A heap block is allocated to contain the error message, but because of a flaw in how the buffer size is calculated, an overflow will always happen," eEye says in its advisory.
News source: PCWorld.com