MyAntiSpyware


RealNetworks Products Multiple Buffer Overflow Vulnerabilities

Myantispyware team March 23, 2006    

Some vulnerabilities have been reported in various RealNetworks products, which can be exploited by malicious people to compromise a user’s system.

1) A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user’s system.

2) A boundary error within the handling of web pages can be exploited via a specially crafted web page on a malicious server to cause a heap-based buffer overflow. This may allow execution of arbitrary code on the user’s system.

3) A boundary error in the processing of MBC files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user’s system.

A weakness when executing other programs is caused due to incorrect use of the “CreateProcess()” API. This may allow execution of an arbitrary program on the system, if this can be placed in the program path.

The following products are affected by one of more of the vulnerabilities:
* RealPlayer 10.5 (6.0.12.1040-1348)
* RealPlayer 10
* RealOne Player v2
* RealOne Player v1
* RealPlayer 8
* RealPlayer Enterprise
* Rhapsody 3 (build 0.815 � 1.0.269)
* Mac RealPlayer 10 (10.0.0.305 – 331)
* Mac RealOne Player
* Linux RealPlayer 10 (10.0.6)
* Helix Player (10.0.6)
* Linux RealPlayer 10 (10.0.0 – 5)
* Helix Player (10.0.0 – 5)

Patch your RealPlayer now.

Critical patch Exploits & Vulnerabilities

 Previous Post

New Internet Explorer vulnerability

Next Post 

100 confirmed sites now using the IE vulnerability

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply

New Guides

WaveSplash Review, Motorized Float & Floatski 60% OFF?
BurnTide Reviews, Oprah Baking Soda Recipe Scam Exposed
Memovance Pro Reviews, Bill Gates Honey Shield Trick Scam Exposed, Steve Martin?
Vetdice.com Promo Codes: A Crypto Scam
scam alert
Zorevex.com Promo Codes: A Crypto Scam

Follow Us

Search

Useful Guides

Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]
ads by adware
How to remove Adware from Windows 10 (Virus removal guide)
remove android virus
How to remove virus from Android phone
adwcleaner
AdwCleaner – Review, How to use, Comments
Iphone Calendar virus spam
Iphone Calendar Virus/Spam 2022 (Removal guide)

Recent Guides

New Internet Explorer vulnerability
Top 10 spyware threats discovered for last 24 hours
Coolwebsearch.info – new site from the Coolwebsearch family
New unpatched vulnerability in the Internet Explorer (mshtml.dll) found
Multiple vulnerabilities have been identified in various Macromedia products

Myantispyware.com

Myantispyware has been a trusted source for computer security and technology advice since 2004. Our mission is to provide reliable tech guidance and expert, practical solutions to help you stay safe online and protect your digital life.

Social Links

Pages

About Us
Contact Us
Privacy Policy

Copyright © 2004 - 2026 MASW - Myantispyware.com.