Original URL: http://www.theregister.co.uk/2004/02/06/unholy_trio_of_realone_player/

Unholy trio of RealOne Player holes unearthed

Patching time again

By John Leyden

Posted in Security, 6th February 2004 12:15 GMT

RealOne Player users tricked into running maliciously constructed media files could surrender control of their machine to crackers because of three security vulnerabilities revealed this week.

Real Networks has acknowledged the problems and issued fixes - which users strongly urged to apply.

The first exploit involves a JavaScript vulnerability affecting RealOne Player, RealOne Player 2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealOne Enterprise Desktop or RealPlayer Enterprise.

A flaw that might allow a cracker to execute arbitrary code on a target PC if he was able to trick them into downloading and executing a maliciously constructed .RMP file affects a slightly broadened range of software. This one blights RealOne Player, RealOne Player 2 (all language versions, all platforms), and RealOne Enterprise Desktop or RealPlayer Enterprise (all versions).

Lastly, we have a vulnerability which would allow crackers to construct media files fashioned to create buffer overrun errors in RealOne Player and RealPlayer 8 (all language versions).

This flaw, like the second, opens the way for attackers to run arbitrary code on target machine. From that point on it's game over in security terms and your PC is as good as 0wn3d.

In an advisory, Real Networks said it had not received any reports of anyone actually being attacked with this exploit but that nonetheless it was treating the issue seriously - as should Real Player users.

The advisory gives instructions on how to apply the patch Real Networks has issued.

Credit for discovering the vulnerabilities goes to Jouko Pynnonen and Mark Litchfield of Next-Generation Security Software. ®