Real Player critical patch for two vulnerabilities
RealNetworks has issued a critical patch for two vulnerabilities reported by eEye. The vulnerabilities affect a large number of RealNetworks' applications.
eEye RealPlayer Zipped Skin File Buffer Overflow II
"A RealPlayer skin file (.rjs extension) can be downloaded and applied automatically through a web browser without the user's permission."
eEye RealPlayer Data Packet Stack Overflow
"By specially crafting a malformed .rm movie file, a direct stack overwrite is triggered, and reliable code execution is then possible."
RealNetworks Update to Address Security Vulnerabilities.
eEye RealPlayer Zipped Skin File Buffer Overflow II
"A RealPlayer skin file (.rjs extension) can be downloaded and applied automatically through a web browser without the user's permission."
eEye RealPlayer Data Packet Stack Overflow
"By specially crafting a malformed .rm movie file, a direct stack overwrite is triggered, and reliable code execution is then possible."
RealNetworks Update to Address Security Vulnerabilities.
Keywords:
0 comment(s)
×
Diary Archives
Comments