Unpatched RealPlayer bug paves way for drive-by downloads
An unpatched bug in RealPlayer leaves the media player open to drive-by-download attacks, which hackers use to trick prospective marks into visiting maliciously constructed websites.
The vulnerability stems from coding errors in a RealPlayer ActiveX control (rmoc3260.dll), which enables content to be played within a user's Internet Explorer browser. The ActiveX control fails to properly handle multiple properties, including Console, creating a heap memory corruption risk.
RealPlayer version 11.0.1 is confirmed as vulnerable. Other versions of the media player may also be flawed. Security clearing house Secunia advises users to kill the affected ActiveX control pending the availability of a patch from Real Networks. Instructions and pointers on how to disable RealPlayer ActiveX controls in Internet Explorer can be found in an advisory by US CERT here.
Details of the vulnerability were posted by its discoverer, Elazar Broad, on a full disclosure mailing list on Monday.
A similar vulnerability involving the interaction between RealPlayer and IE, but affecting a different ActiveX control, was discovered last October. ®
Quite a lot of us use the codec because all those flash sites insist on not being back compatible, and so break the browser when trying to use youtube and that other dynamic ad crap. The latter damn flash media insist that my current flash player doesn't support "instant install" which is just fine by me, as I want to know what the hell they are trying to install.
NASA has real media streams available.
... that was when I used it, I used to have my TwistedTunes collection on .ra files, when they still gave away their tunes for free. Oh, and the first radio station in the entire country to do livestream did so with RealAudio too.
Even RealPlayer was good, with a plus on having a Linux version :) ... then they turned their app into bloatware, right up when mp3's were gaining popularity. I'm sure I'm not the only one that remembers < 5Mb stereo audio files in .ra format being popular in the pre-mp3 days :)
Anyway, anything ActiveX is a security risk in itself. Yuk.
Of course, that simply includes the requisite bits of the Real Player necessary for actual playback. The ActiveX control is included, so this security hole affects Real Alternative users as well. I only use Real's codec for the BBC Listen Again feature, and then only through that pesky ActiveX control ...