Buffer Overflows Patched in RealPlayer
A buffer overflow vulnerability in RealNetworks' flagship RealPlayer software could put millions of users at risk of PC takeover.
The flaw, which carries a "high risk" rating, affects the RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8 and RealPlayer Enterprise.
eEye Digital Security, the company that discovered and reported the vulnerability to RealNetworks, said a remote attacker could overwrite heap memory with arbitrary data and execute malicious code via the digital media player.
"This specific flaw exists within the 'embd3260.dll' file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible," eEye said in an alert.
In a separate advisory, RealNetworks confirmed the existence of the security hole and released a patch to protect customers.
Buffer overflow attacks are a common technique used by malicious hackers to hijack vulnerable systems. A buffer overflow (or buffer overrun) is the condition where data transferred to a buffer exceeds the storage capacity and some of the data "overflows" into another buffer, one that the data was not intended to go into.
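The condition described above, shown as an added example in C (not code from RealPlayer, eEye or RealNetworks): a length-prefixed record is copied into a fixed 8-byte buffer that sits directly before a second buffer, first without and then with bounds checks. The record layout, `struct clip` and all function names are assumptions made for illustration, and the sample record is constructed so that the spill stays inside one array.

```c
#include <stdio.h>
#include <string.h>

#define TITLE_CAP 8   /* capacity of the destination buffer */
#define NEXT_CAP  8   /* the adjacent buffer that must not be touched */

/* One allocation holding two logical buffers back to back (assumed layout). */
struct clip { unsigned char bytes[TITLE_CAP + NEXT_CAP]; };

/* Constructed sample record: declared length 12, then 12 payload bytes. */
static const unsigned char SAMPLE_OVERSIZE[13] =
    { 12, 'A','A','A','A','A','A','A','A','A','A','A','A' };

void clip_init(struct clip *c) {
    memset(c->bytes, 0, TITLE_CAP);
    memset(c->bytes + TITLE_CAP, 0xAA, NEXT_CAP);   /* known pattern */
}

/* Returns 1 while the adjacent buffer still holds its original pattern. */
int neighbour_intact(const struct clip *c) {
    for (size_t i = TITLE_CAP; i < TITLE_CAP + NEXT_CAP; i++)
        if (c->bytes[i] != 0xAA) return 0;
    return 1;
}

/* Flawed: trusts the length byte taken from the input. */
int load_title_unchecked(struct clip *c, const unsigned char *rec, size_t rec_len) {
    (void)rec_len;
    memcpy(c->bytes, rec + 1, rec[0]);   /* 12 > TITLE_CAP spills into the neighbour */
    return 0;
}

/* Hardened: the length must fit both the input and the destination. */
int load_title_checked(struct clip *c, const unsigned char *rec, size_t rec_len) {
    if (rec_len < 1) return -1;
    size_t n = rec[0];
    if (n > rec_len - 1) return -1;   /* claims more data than was supplied */
    if (n > TITLE_CAP)   return -1;   /* would not fit the title buffer */
    memcpy(c->bytes, rec + 1, n);
    return 0;
}

int main(void) {
    struct clip c;
    clip_init(&c);
    load_title_unchecked(&c, SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&c));
    clip_init(&c);
    int rc = load_title_checked(&c, SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE);
    printf("checked: rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&c));
    return 0;
}
```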
Security consultants iDEFENSE also issued a related RealPlayer advisory with a warning that an attacker could place a .RAM file (RealPlayer Presentation) containing a maliciously constructed URL on a Web server and send an e-mail to the target with a link containing the file.
The security warnings come at a crucial time for RealNetworks, which competes directly with Microsoft and Apple Computer for customers in the digital media delivery market.
Earlier this year, U.K.-based NGS Software warned of a potentially critical RealPlayer flaw that could allow malicious hackers to hijack vulnerable computers.
That flaw carried a "highly critical" rating.
This article was first published on InternetNews.com.