Mar 11 2008

RealPlayer vulnerable in Internet Explorer

If you use RealPlayer in Internet Explorer, watch out. Researcher Elazar Broad has posted details of a so-called heap overflow vulnerability to the Full Disclosure mailing list. The flaw makes it possible for an attacker to modify heap blocks after they are freed and overwrite certain registers, which could allow code execution on an affected machine. The vulnerability affects all versions of RealPlayer running under Internet Explorer.

Exploit code for this flaw has not yet been made public.

Without a patch from RealPlayer, security experts recommend setting the kill bit for the following ActiveX ClassIDs, which stops Internet Explorer from loading the affected controls:

  • 2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93
  • CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA

Please note that setting the kill bits above will also remove some functionality within the player.

To avoid the loss of functionality, security experts recommend using RealPlayer in a browser that doesn't support ActiveX, such as Mozilla Firefox (for Windows and Mac).
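The kill-bit mitigation for the two ClassIDs listed above can be applied with a script like the following. It is an added example, not part of the original article or any vendor guidance; it assumes the standard Internet Explorer kill-bit location (the `Compatibility Flags` DWORD with bit 0x400 under `ActiveX Compatibility`) and an elevated PowerShell session.

```powershell
# Added example: set the Internet Explorer kill bit for the two RealPlayer
# ActiveX ClassIDs named in the article. Run from an elevated prompt.
$clsids = @(
    '{2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}',
    '{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}'
)

# Standard kill-bit location. The Wow6432Node copy is the view used by
# 32-bit Internet Explorer on 64-bit Windows.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

$killBit   = 0x400                 # flag that blocks instantiation in IE
$valueName = 'Compatibility Flags'

foreach ($root in $roots) {
    # Skip registry views that do not exist (no Wow6432Node on 32-bit Windows).
    if (-not (Test-Path -LiteralPath $root)) { continue }

    foreach ($clsid in $clsids) {
        $key = Join-Path $root $clsid
        if (-not (Test-Path -LiteralPath $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # Keep any compatibility flags already present and OR in the kill bit.
        $existing = Get-ItemProperty -LiteralPath $key -Name $valueName -ErrorAction SilentlyContinue
        $current  = if ($existing) { $existing.$valueName } else { 0 }
        $updated  = $current -bor $killBit

        New-ItemProperty -LiteralPath $key -Name $valueName -PropertyType DWord `
            -Value $updated -Force | Out-Null

        # Read the value back and report whether the kill bit is now set.
        $check = (Get-ItemProperty -LiteralPath $key -Name $valueName).$valueName
        New-Object PSObject -Property @{
            Key        = $key
            Flags      = '0x{0:X}' -f $check
            KillBitSet = (($check -band $killBit) -eq $killBit)
        }
    }
}
```

Clearing the 0x400 bit from the same value re-enables the control once a fixed version of the player is installed.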

Why would anyone use Realplayer?
by HooHaa March 11, 2008 10:45 AM PDT
It's been a spyware P.O.S. for years... Just delete it.
I agree with previous post
by WH33LM4N March 11, 2008 6:21 PM PDT
Both programs pretty much suck. Woe to he or she who uses both of them on purpose. Whoever does probably deserves a virus on their machine.